Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-32281 (GCVE-0-2026-32281)
Vulnerability from cvelistv5 – Published: 2026-04-08 01:06 – Updated: 2026-04-13 18:19- CWE-407 - Inefficient Algorithmic Complexity
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.25.9
(semver)
Affected: 1.26.0-0 , < 1.26.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-32281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T17:52:37.734298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:19:44.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "policiesValid"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.2",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek - https://ciolek.dev"
}
],
"descriptions": [
{
"lang": "en",
"value": "Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T01:06:58.354Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/758061"
},
{
"url": "https://go.dev/issue/78281"
},
{
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"title": "Inefficient policy validation in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-32281",
"datePublished": "2026-04-08T01:06:58.354Z",
"dateReserved": "2026-03-11T16:38:46.556Z",
"dateUpdated": "2026-04-13T18:19:44.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-32281",
"date": "2026-07-13",
"epss": "0.00349",
"percentile": "0.27015"
},
"microsoft_vex": {
"current_release_date": "2026-06-23T14:43:31.000Z",
"cve": "CVE-2026-32281",
"id": "msrc_CVE-2026-32281",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"product_status:known_affected": "7",
"product_status:known_not_affected": "8",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "Inefficient policy validation in crypto/x509",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-32281.json",
"version": "6"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-32281\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-08T02:16:03.350\",\"lastModified\":\"2026-06-17T10:35:28.980\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"crypto/x509\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"crypto/x509\",\"programRoutines\":[{\"name\":\"policiesValid\"},{\"name\":\"Certificate.Verify\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.9\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.2\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-13T17:52:37.734298Z\",\"id\":\"CVE-2026-32281\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.9\",\"matchCriteriaId\":\"C6C9C072-9817-402D-877F-F83584B07017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.2\",\"matchCriteriaId\":\"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/758061\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78281\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4946\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-07-13T17:31:43+00:00",
"cve": "CVE-2026-32281",
"id": "CVE-2026-32281",
"initial_release_date": "2026-04-08T01:06:58.354000+00:00",
"product_status:fixed": "1123",
"product_status:known_affected": "261",
"product_status:known_not_affected": "1104",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32281.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32281\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:52:37.734298Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:52:33.394Z\"}}], \"cna\": {\"title\": \"Inefficient policy validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek - https://ciolek.dev\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.2\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"policiesValid\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/758061\"}, {\"url\": \"https://go.dev/issue/78281\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4946\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-407: Inefficient Algorithmic Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-04-08T01:06:58.354Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-32281\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:19:44.779Z\", \"dateReserved\": \"2026-03-11T16:38:46.556Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-08T01:06:58.354Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:20455
Vulnerability from csaf_redhat - Published: 2026-05-25 14:47 - Updated: 2026-07-13 17:31A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.17.8 for Red Hat OpenShift Service Mesh 3.2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.17.8, for Red Hat OpenShift Service Mesh 3.2, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13869)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20455",
"url": "https://access.redhat.com/errata/RHSA-2026:20455"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20455.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.17.8 for Red Hat OpenShift Service Mesh 3.2",
"tracking": {
"current_release_date": "2026-07-13T17:31:46+00:00",
"generator": {
"date": "2026-07-13T17:31:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20455",
"initial_release_date": "2026-05-25T14:47:57+00:00",
"revision_history": [
{
"date": "2026-05-25T14:47:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T08:56:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T17:31:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.2",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520857"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520851"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520857"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520851"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aaf88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520857"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Aca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520851"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520857"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520851"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-25T14:47:57+00:00",
"details": "See Kiali 2.17.8 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20455"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:849f91f2cb0d582e1cc5497f491ff6549ed40ad9edb58f3b17cea5674a3e51cd_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:904b844d6a7fae4f41543d8700a0a53959aab343aa0016bc3ad9cdd867888fb4_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:97108094c210987dd296c844f823a0c5c80d14c5a06dac046ca9d4496b90977c_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ca0320cd135ea6bb92c923c58c84b17ae4f121a5fd0145062a9008f339dadace_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:37054f2e44514d5419af8381123d7ae81000e7e34fdb99472e965f843340c427_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:482cbad61e21f9ef5ccc074b798ad422f341ae17f1f7281947721f7280c0d9a7_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7852143b4d381db16057dd3e440e5ae9c4e10995753618472e5e42baa7f1586c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:af88ffb1e47738702d8e84c0111ada77697f06d8b5baca25dbfda806add3c1f7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:20456
Vulnerability from csaf_redhat - Published: 2026-05-25 14:48 - Updated: 2026-07-13 17:31A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.4.17, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13867)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20456",
"url": "https://access.redhat.com/errata/RHSA-2026:20456"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20456.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0",
"tracking": {
"current_release_date": "2026-07-13T17:31:47+00:00",
"generator": {
"date": "2026-07-13T17:31:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20456",
"initial_release_date": "2026-05-25T14:48:15+00:00",
"revision_history": [
{
"date": "2026-05-25T14:48:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T08:56:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T17:31:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520253"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520118"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520253"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520118"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520253"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520118"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520253"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520118"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64 as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64 as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64 as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64 as a component of Red Hat OpenShift Service Mesh 3",
"product_id": "Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-25T14:48:15+00:00",
"details": "See Kiali 2.4.17 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4c1c113b5359d8bb7b99d26731156eb7523df3c3e46a301b37c638e821883a01_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4ce77d0a83c4b01ac1638c372360be8d970fd5c667749d133c9437d30cb206b3_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:61fbdc44a87c1484e5081345e767000895801ea55a8c6e1344bded1836d44729_amd64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9368c09b14d1743451257f901ec8e4b5d50f7343a2bbaf723aa6a7f9cb586882_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:075ca2039b54596754e028706abc0b4e719cfb6a1adc7dd0a512f1cf06adc3d0_s390x",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:196394c3907ff6ed0849a8086256265708256a80c2f3b47029cf902f2ee801df_arm64",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3aa2d2ff20f790e03eec33d5501552b0c874bf40097f1486282811f34fcf7139_ppc64le",
"Red Hat OpenShift Service Mesh 3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:ca9ef5694c6fb038a38b7f76f03501e5d094af381fad483d49518dd156a001d7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:20457
Vulnerability from csaf_redhat - Published: 2026-05-25 14:48 - Updated: 2026-07-13 17:31A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.11.11, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13868)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20457",
"url": "https://access.redhat.com/errata/RHSA-2026:20457"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20457.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1",
"tracking": {
"current_release_date": "2026-07-13T17:31:52+00:00",
"generator": {
"date": "2026-07-13T17:31:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20457",
"initial_release_date": "2026-05-25T14:48:14+00:00",
"revision_history": [
{
"date": "2026-05-25T14:48:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T08:56:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T17:31:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Acb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520365"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Ae8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Accd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520365"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520365"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520433"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Af177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520365"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-25T14:48:14+00:00",
"details": "See Kiali 2.11.11 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20457"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9874be237b24e860768f2d7ea9074ee225e64c363181b1cfd8c9cc37cca018f3_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb2642232c7b80ff411b2ff03b3e1ad05f01bd073587ebdd2bb6561a7757bfbe_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ccd47034fb55a8ff312039213bf137e10f38449f935040679ac13f7d78f2e142_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:f177998fa5c4abaa2edc2caac1d4a8f5f0777b48ff3eaf6ac61bebecc3370a42_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:7206679dbbf3986f2fbb728e69ecd61da448e5c3c3b2e4dcd97ea1bd4fc6e5fa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:862990dfcd46dc345215fc27a1d0b9670b8f31c83fe9e2b19d8ed813a9338d31_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:918dc1bb66e24f9c8a56e32c6dfb4dabbd596565ca6025c1e0306ec9a1353912_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e8f30f6ec276865a6ef570eb9a2f96cc9589518aff5e254f39a79229fa61f52a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:20460
Vulnerability from csaf_redhat - Published: 2026-05-25 15:04 - Updated: 2026-07-13 17:31A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.22.4, for Red Hat OpenShift Service Mesh 3.3, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13870)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20460",
"url": "https://access.redhat.com/errata/RHSA-2026:20460"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20460.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3",
"tracking": {
"current_release_date": "2026-07-13T17:31:47+00:00",
"generator": {
"date": "2026-07-13T17:31:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20460",
"initial_release_date": "2026-05-25T15:04:34+00:00",
"revision_history": [
{
"date": "2026-05-25T15:04:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T08:56:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T17:31:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Ae4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-operator-bundle@sha256%3A5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779522281"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Ab136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520538"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520828"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aa4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Adaa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520538"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Ab5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520828"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520538"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520828"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Af588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Af43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520538"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1779520828"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-25T15:04:34+00:00",
"details": "See Kiali 2.22.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20460"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:5f0d9c37da0df2e01de1965b121a0beffd3a4a61b29f317058eee3ed48a5411c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:0cd332b82542de28dc6d2dd7e955924fe3de35a5206bc2e9f4d4e2bd9a591148_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:625caa76382f8236b0ae5c1c438008a61f64a7b1497f861fef475f7428da477c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6395e4a973d90ebb1250a4f7aa131ab812eb5d9d3bc5900ccb329e87b8f1c9ea_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:b5a4fd9b6ec6eef405c167cbe70fde3c2618f26fb7ce837bf1d56c36e6064e1f_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:5bc3aab90ba7a7b6c1971110f235b67bbc3e1bcfa5c312b7cc7cfcd81d25912c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:b136ce6fcc852f6af963c35f1a39bfecb942b0189a26e22b9e404b5ceca0be13_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:daa5ce7c32434365161ed729a6fdb88587e658347e368e143b2338285bf44a29_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f43ad850d505a0cd2ce61970413389c5ac2e23edba4891e3977e5d541a09b33b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:801430f3d82d109bfecd3d1e1703200dc98a6c35eee0330b1c90d0fb4804ae11_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a4dc7862130d17dd424af3b3e285850448a7c85bfcc191bce9afa42d9f5c71f7_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:e4e55c3b1e398a962cbde38dd30260c77514d97e558028e0991f4a57bcb8d0be_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:f588d5d77bb0b4efdfca01f1ca7414fcadc90a97b165628b8f99bdd4df80c8a7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:20556
Vulnerability from csaf_redhat - Published: 2026-05-26 03:55 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20556",
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20556.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-07-13T23:21:48+00:00",
"generator": {
"date": "2026-07-13T23:21:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20556",
"initial_release_date": "2026-05-26T03:55:05+00:00",
"revision_history": [
{
"date": "2026-05-26T03:55:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T03:55:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_6.src",
"product": {
"name": "grafana-0:10.2.6-21.el9_6.src",
"product_id": "grafana-0:10.2.6-21.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_6.aarch64",
"product": {
"name": "grafana-0:10.2.6-21.el9_6.aarch64",
"product_id": "grafana-0:10.2.6-21.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"product_id": "grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_6.ppc64le",
"product": {
"name": "grafana-0:10.2.6-21.el9_6.ppc64le",
"product_id": "grafana-0:10.2.6-21.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"product_id": "grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_6.s390x",
"product": {
"name": "grafana-0:10.2.6-21.el9_6.s390x",
"product_id": "grafana-0:10.2.6-21.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_6.s390x",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.s390x",
"product_id": "grafana-selinux-0:10.2.6-21.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-21.el9_6.x86_64",
"product": {
"name": "grafana-0:10.2.6-21.el9_6.x86_64",
"product_id": "grafana-0:10.2.6-21.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-21.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-21.el9_6.x86_64",
"product": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.x86_64",
"product_id": "grafana-selinux-0:10.2.6-21.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-21.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"product": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"product_id": "grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-21.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"product_id": "grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-21.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64"
},
"product_reference": "grafana-0:10.2.6-21.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le"
},
"product_reference": "grafana-0:10.2.6-21.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x"
},
"product_reference": "grafana-0:10.2.6-21.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_6.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src"
},
"product_reference": "grafana-0:10.2.6-21.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-21.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64"
},
"product_reference": "grafana-0:10.2.6-21.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-21.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-21.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64"
},
"product_reference": "grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-21.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
},
"product_reference": "grafana-selinux-0:10.2.6-21.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:55:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:55:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:55:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:55:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-21.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-21.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:20569
Vulnerability from csaf_redhat - Published: 2026-05-26 03:26 - Updated: 2026-07-13 23:19A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for buildah is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20569",
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20569.json"
}
],
"title": "Red Hat Security Advisory: buildah security update",
"tracking": {
"current_release_date": "2026-07-13T23:19:47+00:00",
"generator": {
"date": "2026-07-13T23:19:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20569",
"initial_release_date": "2026-05-26T03:26:45+00:00",
"revision_history": [
{
"date": "2026-05-26T03:26:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T03:26:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:19:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.9-1.el10_0.src",
"product": {
"name": "buildah-2:1.39.9-1.el10_0.src",
"product_id": "buildah-2:1.39.9-1.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.9-1.el10_0?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.9-1.el10_0.aarch64",
"product": {
"name": "buildah-2:1.39.9-1.el10_0.aarch64",
"product_id": "buildah-2:1.39.9-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.9-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.9-1.el10_0.aarch64",
"product": {
"name": "buildah-tests-2:1.39.9-1.el10_0.aarch64",
"product_id": "buildah-tests-2:1.39.9-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.9-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"product": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"product_id": "buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.9-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product_id": "buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.9-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product_id": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.9-1.el10_0?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.9-1.el10_0.ppc64le",
"product": {
"name": "buildah-2:1.39.9-1.el10_0.ppc64le",
"product_id": "buildah-2:1.39.9-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.9-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"product": {
"name": "buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"product_id": "buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.9-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"product": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"product_id": "buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.9-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product_id": "buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.9-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product_id": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.9-1.el10_0?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.9-1.el10_0.s390x",
"product": {
"name": "buildah-2:1.39.9-1.el10_0.s390x",
"product_id": "buildah-2:1.39.9-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.9-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.9-1.el10_0.s390x",
"product": {
"name": "buildah-tests-2:1.39.9-1.el10_0.s390x",
"product_id": "buildah-tests-2:1.39.9-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.9-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"product": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"product_id": "buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.9-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"product": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"product_id": "buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.9-1.el10_0?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"product_id": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.9-1.el10_0?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-2:1.39.9-1.el10_0.x86_64",
"product": {
"name": "buildah-2:1.39.9-1.el10_0.x86_64",
"product_id": "buildah-2:1.39.9-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.39.9-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-2:1.39.9-1.el10_0.x86_64",
"product": {
"name": "buildah-tests-2:1.39.9-1.el10_0.x86_64",
"product_id": "buildah-tests-2:1.39.9-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.39.9-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"product": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"product_id": "buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.39.9-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product_id": "buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.39.9-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product_id": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.39.9-1.el10_0?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.9-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64"
},
"product_reference": "buildah-2:1.39.9-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.9-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le"
},
"product_reference": "buildah-2:1.39.9-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.9-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x"
},
"product_reference": "buildah-2:1.39.9-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.9-1.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src"
},
"product_reference": "buildah-2:1.39.9-1.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-2:1.39.9-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64"
},
"product_reference": "buildah-2:1.39.9-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64"
},
"product_reference": "buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le"
},
"product_reference": "buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x"
},
"product_reference": "buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-2:1.39.9-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64"
},
"product_reference": "buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64"
},
"product_reference": "buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le"
},
"product_reference": "buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x"
},
"product_reference": "buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-2:1.39.9-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64"
},
"product_reference": "buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.9-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64"
},
"product_reference": "buildah-tests-2:1.39.9-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.9-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le"
},
"product_reference": "buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.9-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x"
},
"product_reference": "buildah-tests-2:1.39.9-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-2:1.39.9-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64"
},
"product_reference": "buildah-tests-2:1.39.9-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
},
"product_reference": "buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:26:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:26:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:26:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:26:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.src",
"AppStream-10.0.Z.E2S:buildah-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debuginfo-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-debugsource-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-2:1.39.9-1.el10_0.x86_64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.aarch64",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.s390x",
"AppStream-10.0.Z.E2S:buildah-tests-debuginfo-2:1.39.9-1.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:20570
Vulnerability from csaf_redhat - Published: 2026-05-26 03:25 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for podman is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20570",
"url": "https://access.redhat.com/errata/RHSA-2026:20570"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20570.json"
}
],
"title": "Red Hat Security Advisory: podman security update",
"tracking": {
"current_release_date": "2026-07-13T23:21:47+00:00",
"generator": {
"date": "2026-07-13T23:21:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20570",
"initial_release_date": "2026-05-26T03:25:35+00:00",
"revision_history": [
{
"date": "2026-05-26T03:25:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T03:25:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.2.src",
"product": {
"name": "podman-6:5.4.0-15.el10_0.2.src",
"product_id": "podman-6:5.4.0-15.el10_0.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.2?arch=src\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"product_id": "podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.2?arch=aarch64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"product_id": "podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.2?arch=ppc64le\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-remote-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.2.s390x",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.s390x",
"product_id": "podman-tests-6:5.4.0-15.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.2?arch=s390x\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests-debuginfo@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
},
{
"category": "product_version",
"name": "podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"product": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"product_id": "podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@5.4.0-15.el10_0.2?arch=x86_64\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-6:5.4.0-15.el10_0.2.noarch",
"product": {
"name": "podman-docker-6:5.4.0-15.el10_0.2.noarch",
"product_id": "podman-docker-6:5.4.0-15.el10_0.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@5.4.0-15.el10_0.2?arch=noarch\u0026epoch=6"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src"
},
"product_reference": "podman-6:5.4.0-15.el10_0.2.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-6:5.4.0-15.el10_0.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch"
},
"product_reference": "podman-docker-6:5.4.0-15.el10_0.2.noarch",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
},
"product_reference": "podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:25:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:25:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20570"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:25:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.src",
"AppStream-10.0.Z.E2S:podman-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-docker-6:5.4.0-15.el10_0.2.noarch",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-debugsource-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-remote-debuginfo-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-6:5.4.0-15.el10_0.2.x86_64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.aarch64",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.ppc64le",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.s390x",
"CRB-10.0.Z.E2S:podman-tests-debuginfo-6:5.4.0-15.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:20571
Vulnerability from csaf_redhat - Published: 2026-05-26 03:29 - Updated: 2026-07-13 23:21A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for skopeo is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20571",
"url": "https://access.redhat.com/errata/RHSA-2026:20571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20571.json"
}
],
"title": "Red Hat Security Advisory: skopeo security update",
"tracking": {
"current_release_date": "2026-07-13T23:21:48+00:00",
"generator": {
"date": "2026-07-13T23:21:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20571",
"initial_release_date": "2026-05-26T03:29:05+00:00",
"revision_history": [
{
"date": "2026-05-26T03:29:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T03:29:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:21:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.2.src",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.2.src",
"product_id": "skopeo-2:1.18.1-3.el10_0.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.2?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.2.aarch64",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.2.aarch64",
"product_id": "skopeo-2:1.18.1-3.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.2?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"product_id": "skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.2?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.2.s390x",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.2.s390x",
"product_id": "skopeo-2:1.18.1-3.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.2?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.18.1-3.el10_0.2.x86_64",
"product": {
"name": "skopeo-2:1.18.1-3.el10_0.2.x86_64",
"product_id": "skopeo-2:1.18.1-3.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.18.1-3.el10_0.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.x86_64",
"product": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.x86_64",
"product_id": "skopeo-tests-2:1.18.1-3.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.18.1-3.el10_0.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"product_id": "skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.18.1-3.el10_0.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"product_id": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.18.1-3.el10_0.2?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.2.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.18.1-3.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64"
},
"product_reference": "skopeo-2:1.18.1-3.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.18.1-3.el10_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
},
"product_reference": "skopeo-tests-2:1.18.1-3.el10_0.2.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:29:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:29:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20571"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:29:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.src",
"AppStream-10.0.Z.E2S:skopeo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debuginfo-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-debugsource-2:1.18.1-3.el10_0.2.x86_64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.aarch64",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.ppc64le",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.s390x",
"AppStream-10.0.Z.E2S:skopeo-tests-2:1.18.1-3.el10_0.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
}
]
}
RHSA-2026:20889
Vulnerability from csaf_redhat - Published: 2026-05-26 11:34 - Updated: 2026-07-13 23:20A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system's object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20889",
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42264",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4103_release-notes-410",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4103_release-notes-410"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20889.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.10.3 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-13T23:20:33+00:00",
"generator": {
"date": "2026-07-13T23:20:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20889",
"initial_release_date": "2026-05-26T11:34:12+00:00",
"revision_history": [
{
"date": "2026-05-26T11:34:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T23:20:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aa32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3Ab4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Adbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Acefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Afe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ae077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Acde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Af1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Afa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778746262"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aa0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ab5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1778755463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1779293013"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-40895",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-04-21T21:02:33.280553+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460297"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "RHBZ#2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
}
],
"release_date": "2026-04-21T19:59:59.759000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-42264",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-05-08T04:02:21.039378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system\u0027s object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Prototype pollution allows information disclosure and request manipulation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important prototype pollution flaw in Axios could result in information disclosure and network request manipulation. The vulnerability occurs when a co-located dependency in the application environment successfully pollutes the JavaScript `Object.prototype`. Under these conditions, Axios may unknowingly incorporate the manipulated properties into its outbound HTTP requests, potentially compromising data confidentiality and integrity. Exploitation is contingent on a prior successful prototype pollution attack from another component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "RHBZ#2467927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42264",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa",
"url": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10779",
"url": "https://github.com/axios/axios/pull/10779"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.2",
"url": "https://github.com/axios/axios/releases/tag/v1.15.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj",
"url": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj"
}
],
"release_date": "2026-05-08T03:20:24.248000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Prototype pollution allows information disclosure and request manipulation"
},
{
"cve": "CVE-2026-44486",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:30.944384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487947"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "RHBZ#2487947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
"url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
}
],
"release_date": "2026-06-11T15:39:07.714000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
},
{
"cve": "CVE-2026-44487",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:34.091476+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487948"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "RHBZ#2487948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
"url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
}
],
"release_date": "2026-06-11T15:38:25.150000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
},
{
"cve": "CVE-2026-44488",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T17:01:36.836488+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "RHBZ#2487949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
}
],
"release_date": "2026-06-11T15:37:38.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
},
{
"cve": "CVE-2026-44492",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-06-11T17:00:56.761751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "RHBZ#2487938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
}
],
"release_date": "2026-06-11T15:29:13.890000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
},
{
"cve": "CVE-2026-44494",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:01:12.945664+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "RHBZ#2487942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
"url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
}
],
"release_date": "2026-06-11T15:32:03.155000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
},
{
"cve": "CVE-2026-44495",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:00:53.999811+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "RHBZ#2487937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
}
],
"release_date": "2026-06-11T15:33:12.433000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T11:34:12+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:04e380e189febad5d8dcbfaa68643963ab8d65d7089d32e30a1276837605e03a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:10b0b798c4690002c7ffe064b84cf5d0bb6f52045cd15bfe79b15bd68d4fbe8c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:444df0b47d23743e19022b4a92e2ee9dd345598fb31f9b947f0bbdab7f59d90e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:a32574be1c7a5a9ef0aa8b8ce4946ffe4920cb72b402eb17d1ca07c43925faef_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:1563b3a0da76d7b35ecc4c563a8d347e9a558c8043da5c9588ad2f7f943a7ece_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:56e67cf62ffe4982d358ae06098da48f44175cd63239ebfb711b476404abb31a_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e077a56adee93c70cc339a83e47805691758c4e187195b0dd1d567133a5b6661_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:fe09f895ec18082b40abbcd7e546bb4bfeceb8dd4d7f1bed85310096333baa1d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:71e40863edd8c6275921449d977c396bf066e3ce87ad2c0e61f80003202637ab_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:b4789552297c62abde45025c53087f258273431fc4921cab693997bb3aebfaff_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:16792cdca53b00c9f3b8a318270fe2970ee8a8b5b7b54a68f3e3c8412f30d802_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1c803425800df9af39869d7fe6512c954261a24228f017b8751d6fc93ee14d94_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:7a45d15348cd7c48aada943ba0e9d6381f845267873d5c81cfaf501de2a3ae5b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:89e70cfaebf46d63cd2c3ddcb4f5b44cfca68d8ec7379a00da7266da7a91f20c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:dbbd62683e39389f91b5937a9d17a414243db53bb901ba7ebe17d24f8c78480e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4713cf6657eee34d58a329610050db2c3884b635260935ca69099be6bdd62400_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a7a9a2165e13c9be2ccc1bcc157b33f1c3994256baf43f4ac4a76021c0880278_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:cde020c47589fd802cda98804da44218f34eec63396efb166a81274617d8acf4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ceda1bd9270d37f947b4141be2a134767997f5135003b9d1f2007aed21c53a1e_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0c5bd402788e93b9795dbaa3dd82272339858972059e0e1017bb12a7a5fa52a1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:51c6efd982283db3ffeebc152e58874601f1660ce76700c7110d11bca1d06688_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9ec58aa0b8f1617d0a3e824cadaa8c939dada1f22e98c3a818bd85b0947dd9a5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0b8260a0c9b73d802891463c5427d1f3607acd62da928b1e4bd8aa7993649d4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:348379199252e9c10cdc6268ce42ce039f12adc6e8e588b8105d2ce1e81ae439_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:423d831317c9019733c1b2191568dd4f00890a4d4e26ada3067b7ba43a2b9b48_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9609056d08c8aff42326b2dea7733dc89ddfa019466c223bc0dfd22822627416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b693c67103bee5f49185b7cb2322ff174954b115938f0696d53a25b43f63f972_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7624c0fe4943f89cb8ca709a9d84004ffe4a533498d2bba21a83a811e16da2a9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:905f591f2e1e2e3dbd17bc8b1f903ae7b5fc8e573f3708eb3a97a70c5dc412dc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cefa60dedb2d65ba3d9324b7d37ef997300720f2e006014c1c79731ed3a1b2ba_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f1c6ac0330ce4337dff577ed282f1aaec462027edb0ef3a48db11f8eea9be6e4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:43b201e72f0ab1a59dddb5608bc814607ff1138572af3052af0199c468cecc47_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:68773c7eebb7f9764e3b0e6a49f7b025896764016896022504b7876ebc269af5_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:93ac1f8d14c6402ffa441b692ba8a28f95990a254835c69bf37165164eae895b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f94d97d4e1c5a2d50b3a7be98032c4f54f7582300d27de605f804d041916a7b6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0cbdb571c33cc7f78a4ace9ac32271cabce2fb585d758972053924440a15d1f7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:27ad8f03033572bac8d6e87a78a49018e5d1b6b4dfd0096365ec8668f1c97771_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:91ab6414f8e3559e3a424882dc40fe953990a6ad5efcaeb50fe0a6756f3e20c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:b5ee8b86ee6a8474158e60cfc26a676a355a9ed98076b73f905bca42b1085329_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0d0f3c45b3806a428c1dcdb9814699a44d067398854adde5e8f984481496deaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:76c6c09e9315ad9b83ec34d0825a94bdb90effcc072d58f9cf6c6b60ab0365aa_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8fd4674c282ee4da0095ea9611b25d25c4d70d522976fd7557eb93d07ca09296_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f6db822767d0e5c8d3544cdbc565e58880dd1a628465100edef7c5a2d7510abe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4aab8cb0a2e5b8518bdd01bc0557c7768ca40b080b9a907d5885d3743debb627_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e5659b1d9790c4bd5df3093b0a36dd4a0ca64ba224924d37e9dafc6aff5c83df_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ea9fba7212bc0621e1ed6b030b4c8a1fbe3a0f2491b6fdc192c14f8ef7a6ae27_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fa3a268f648bce0d881c1b26395cbf16f4d556483e4455f17dfa5968438d4152_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
}
]
}
RHSA-2026:20938
Vulnerability from csaf_redhat - Published: 2026-05-26 14:29 - Updated: 2026-07-13 17:39A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system's object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:20938",
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40895",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42264",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-497_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-497_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20938.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.7 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-13T17:39:11+00:00",
"generator": {
"date": "2026-07-13T17:39:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:20938",
"initial_release_date": "2026-05-26T14:29:00+00:00",
"revision_history": [
{
"date": "2026-05-26T14:29:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-13T17:39:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Afa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ac0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ae1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Afb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ababe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1778780285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ade5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aa493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aa252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ae9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1778781018"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1779371594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1779371594"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
},
{
"cve": "CVE-2026-40895",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-04-21T21:02:33.280553+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460297"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "RHBZ#2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
}
],
"release_date": "2026-04-21T19:59:59.759000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-42264",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-05-08T04:02:21.039378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into core JavaScript objects. When another component in the same application environment is compromised and pollutes the system\u0027s object prototype, Axios can unknowingly use these manipulated values in its outbound network requests. This could lead to the disclosure of sensitive information or the alteration of network communications, compromising data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Prototype pollution allows information disclosure and request manipulation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important prototype pollution flaw in Axios could result in information disclosure and network request manipulation. The vulnerability occurs when a co-located dependency in the application environment successfully pollutes the JavaScript `Object.prototype`. Under these conditions, Axios may unknowingly incorporate the manipulated properties into its outbound HTTP requests, potentially compromising data confidentiality and integrity. Exploitation is contingent on a prior successful prototype pollution attack from another component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42264"
},
{
"category": "external",
"summary": "RHBZ#2467927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42264",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42264"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa",
"url": "https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10779",
"url": "https://github.com/axios/axios/pull/10779"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.2",
"url": "https://github.com/axios/axios/releases/tag/v1.15.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj",
"url": "https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj"
}
],
"release_date": "2026-05-08T03:20:24.248000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Prototype pollution allows information disclosure and request manipulation"
},
{
"cve": "CVE-2026-44486",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:30.944384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487947"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "RHBZ#2487947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
"url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
}
],
"release_date": "2026-06-11T15:39:07.714000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
},
{
"cve": "CVE-2026-44487",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:34.091476+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487948"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "RHBZ#2487948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
"url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
}
],
"release_date": "2026-06-11T15:38:25.150000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
},
{
"cve": "CVE-2026-44488",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T17:01:36.836488+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "RHBZ#2487949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
}
],
"release_date": "2026-06-11T15:37:38.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
},
{
"cve": "CVE-2026-44492",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-06-11T17:00:56.761751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "RHBZ#2487938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
}
],
"release_date": "2026-06-11T15:29:13.890000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
},
{
"cve": "CVE-2026-44494",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:01:12.945664+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "RHBZ#2487942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
"url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
}
],
"release_date": "2026-06-11T15:32:03.155000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
},
{
"cve": "CVE-2026-44495",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:00:53.999811+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "RHBZ#2487937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
}
],
"release_date": "2026-06-11T15:33:12.433000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T14:29:00+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:20938"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:35f6d1d992eea9f67da1adf5418823547cb0dff248a54556d06ec7156fb35e87_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:553b8a7333d8106e57f1219d88ec16c3215e888659b4cb0c8c50f3ae87291c6c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6772545c27997554b7b94a2d6017b80949757254b2ebdaba23667d59010100a6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:babe2e99270875bb70f7e3c239cb2bd3d425cafd2c794efcd57d23924d9d0012_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0f88c2913f1904a841a51a80a3e3209f56c80ad74e0b217a32ad99a7cffbb6fb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:24e7b2da3205f2c619394e87375974a532c57900e14aa5e15b2018d9f2caaba1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ded5b808f00c26f0afc17808b1a5ab5a2877cca6bd90a98375ac253d3abeeca_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5ec312a6d0e0e911f5187f8dbf6b3045ff70f52c555e181316b983008c00e4c2_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2c05b3567adc67bc468830cdfc66e820f7cbb47ee0b5043a07be7ece7ab57a98_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:95c56e8f242a9ec6be3cccd752eb0a37638b7a6c249b4363ed22e55ff659ef82_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ad08006151b38330f5134c6c229a4c74361e85f4e4ad6124d41c0178f00d471d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:de5929be6c71347b05b69ed72f9fd3c505fa72be437c224a2742240ff4f2cd47_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:57da592df916a6bd9dfe90b2afc9a66b1cfb0da0053e87d0c65ef5c1bdf46969_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3ff4a0d936d68e5e93b2eccf3b39271e5e6b510551fbb8c5f772db4bc5735771_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8ca64e960ffe42a61f907fcda5e6bb99725c257d90e61360b948c9ccb41511cd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0e7621e8d564efbc12c1aaadfbccc30bc4581684970b9730d11ab9fb2a234f1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c1cdc9beb3858a95e559a3432440a85c6b68ab0fd48c52672e645747b1540734_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:58dd6ad9728252d674ae923c43f836a1ba57ef756e995ba9a4c3c4aa79d5c90a_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5b73a668f7c0806f1a0496420f724b98c83540558e976f700fb2836c8339d77e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:73fb048efc844d82f8b1b6f5ebd75cfc63b98d5818c815bea6f2af64c8fa8e9a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ec2d1346d211357af9a005e9ce76bbd66f3e57a966850c707e453f40e7c47b99_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5eb84a8c05c25aa5d9d4e2d195ded7c0080075c8e93de13a1ac11f4f40723449_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:732beadbc0c0c1358ee6cee0121e88d576641669e8915bbbea49006642618bc8_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c0de0eeefda096ad2c5cc07be1146547a1181166bd9d0fa0027aebc6b0d44c51_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e1718a46c5a65053136d917e1618d745cce876b82d54f81b219d7618aff6cf95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:288a49cc9c6a73d6a3afdf8fd5d3cc051449aa83085bc303458dabcc6eacc31d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4dd03edf3099d6908424a5b56369617597335091ed47153066ffd8f65525930c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a252b5f2daf717143d7305b90c927b8f6e559de98fa9ad2763d6d5c4db0e6e9c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc4a0674531b12fd31493d6046da3a6926151abbed9abec01402bc9966df5756_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:a493258b3ad62060f8f30a541a8dd0dfda0418fdcb1856b01031d8bc176a53d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c1d22483d11206d1dbfc43a89ee13644dd27eec8a3a6e29342d340e137e191df_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f71fa6ebb3c364c43038bf6968742e4c88efa567fbf5182611561a0016c09b65_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:fa2c75c36da57d42a5285abec40f044b472cf782fa3505b2ad803ac2521d4fb4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:50ad5781f1677028dfdfb98613ab75d843ec8a61ef6b2325545b73be0ef8cd82_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7a7e2226a60242a9107043543e38cbe20e61991d83405c106b047d2b4e274125_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8a804681a20fa3b8db7f70a4083d749eca45dcd043c837c0b3f9033bdea04494_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e9628b5c8ea548da2f8e1827c16f0706e0dd7e88eb67ee155f09fd28544ce2bd_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:09ded9eb45b2da2e46f75b202cf82b0e3255cd2aa2a6d99961f204bca5227039_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2068fb8c962c4edbca57a02e26fe347147caf3cf843e9ffc1c9d3c77d321bf3a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4b0a410f92ee242948b39a05c40b8262cf96014ae103feeec7500dc0a54457e2_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7e4be68af7aba018ca7f7482c01baf21eefd91667172a90bbc45adb6fe0f4495_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f84e20e7c7b45861749bb2c303a5b8f2fd8f6268304b5e968810e8f1c5d8c36_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:3b3d719054e1e0c39ce3ba0e433b391938576a8ece5ac52fce1d1f4bae0704d6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:674041f4d277962ee71273839e2ee9a13a979eed5021feefa5eadc9bf6f68cf9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb52c5e0fbe765e659f72ca61fa429fb59ae1c9030e846770e54a371a1e1b227_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.