Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-34986 (GCVE-0-2026-34986)
Vulnerability from cvelistv5 – Published: 2026-04-06 16:22 – Updated: 2026-06-30 03:15
VLAI
EPSS
Title
Go JOSE affect by a panic in JWE decryption
Summary
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
110 references
Impacted products
103 products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T14:21:42.477191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:21:54.041Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler 2.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.0::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.3::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.3.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.4::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.4.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.5::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.5.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.6::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.21::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.21",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.22::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.22",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.18::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps 1.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1.21::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Pipelines 1.21",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Pipelines 1.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3.9.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.14::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.11::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:kernel_module_management:2"
],
"defaultStatus": "affected",
"product": "Kernel Module Management Operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_virtualization:2"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Virtualization",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:podman_desktop:1"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Podman Desktop",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:podman_desktop:0"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Podman Desktop - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "unaffected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "unaffected",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "unaffected",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "unaffected",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:kueue_operator:1"
],
"defaultStatus": "unaffected",
"product": "Red Hat Build of Kueue",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
}
],
"datePublic": "2026-04-06T16:22:45.353Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T03:15:33.234Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"name": "RHBZ#2455470",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34986.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20569"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19719"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27856"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22937"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19135"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22450"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25252"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25248"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25250"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:32991"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19721"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20607"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26054"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17287"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20609"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10135"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19186"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23228"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19353"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22714"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19173"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22423"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21769"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23345"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29854"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13829"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13791"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24977"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17598"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27001"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17448"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27004"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27063"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21703"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25194"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25187"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21709"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23241"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27044"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20034"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17474"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25206"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20946"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24484"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21932"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21931"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8490"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8491"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8493"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9388"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9385"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17550"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17547"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12279"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22629"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22465"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22840"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10125"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10130"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24475"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24482"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24479"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24477"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24471"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19099"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19108"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28198"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17459"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17458"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11512"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22258"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17121"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22260"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30650"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18584"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18585"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:17789: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:27856: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17040: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:16696: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19017: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:25252: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25248: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25250: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:32991: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:26054: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:10135: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19186: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19173: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
},
{
"lang": "en",
"value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"lang": "en",
"value": "RHSA-2026:22423: Multicluster Global Hub 1.3.4"
},
{
"lang": "en",
"value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
},
{
"lang": "en",
"value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
},
{
"lang": "en",
"value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
},
{
"lang": "en",
"value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:11070: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:11217: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:27001: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:17448: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:27004: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:27063: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:21703: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:25194: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:25187: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:21709: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:23241: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:27044: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:20034: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:17474: Red Hat OpenShift Container Platform 4.21"
},
{
"lang": "en",
"value": "RHSA-2026:25206: Red Hat OpenShift Container Platform 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:20946: Red Hat OpenShift GitOps 1.18"
},
{
"lang": "en",
"value": "RHSA-2026:24484: Red Hat OpenShift Pipelines 1.21"
},
{
"lang": "en",
"value": "RHSA-2026:21932: Red Hat OpenShift Pipelines 1.2"
},
{
"lang": "en",
"value": "RHSA-2026:21931: Red Hat OpenShift Pipelines 1.2"
},
{
"lang": "en",
"value": "RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:9448: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:8490: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:9453: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:8491: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:8493: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:9388: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:17550: Red Hat Openshift Data Foundation 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17547: Red Hat Openshift Data Foundation 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:12279: Red Hat Openshift Data Foundation 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:12277: Red Hat Openshift Data Foundation 4.2"
},
{
"lang": "en",
"value": "RHSA-2026:11856: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:22629: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:21017: Red Hat Quay 3.14"
},
{
"lang": "en",
"value": "RHSA-2026:24853: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:19375: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:22465: Red Hat Quay 3.17"
},
{
"lang": "en",
"value": "RHSA-2026:11916: Red Hat Quay 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:22840: Red Hat Quay 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:23361: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:11996: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:10130: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24475: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24482: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24479: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24477: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24471: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:12116: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:19099: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:19108: multicluster engine for Kubernetes 2.11"
},
{
"lang": "en",
"value": "RHSA-2026:28198: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:17459: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:17458: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:11512: multicluster engine for Kubernetes 2.7"
},
{
"lang": "en",
"value": "RHSA-2026:17123: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:22258: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:17121: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:22260: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:30650: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:18584: multicluster engine for Kubernetes 2.9"
},
{
"lang": "en",
"value": "RHSA-2026:18585: multicluster engine for Kubernetes 2.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-06T17:01:34.639Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-04-06T16:22:45.353Z",
"value": "Made public."
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "go-jose",
"vendor": "go-jose",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.1.4"
},
{
"status": "affected",
"version": "\u003c 3.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:22:45.353Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"name": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"tags": [
"x_refsource_MISC"
],
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"source": {
"advisory": "GHSA-78h2-9frx-2jm8",
"discovery": "UNKNOWN"
},
"title": "Go JOSE affect by a panic in JWE decryption"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34986",
"datePublished": "2026-04-06T16:22:45.353Z",
"dateReserved": "2026-03-31T19:38:31.617Z",
"dateUpdated": "2026-06-30T03:15:33.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-34986",
"date": "2026-06-29",
"epss": "0.00283",
"percentile": "0.19979"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-34986\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-04-06T17:17:11.870\",\"lastModified\":\"2026-06-30T03:19:00.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"go-jose\",\"product\":\"go-jose\",\"versions\":[{\"version\":\"\u003e= 4.0.0, \u003c 4.1.4\",\"status\":\"affected\"},{\"version\":\"\u003c 3.0.5\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler 2.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.3.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.4.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.5.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.8::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.25\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.25::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.21\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.21::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.22\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.22::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps 1.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1.18::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Pipelines 1.21\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1.21::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Pipelines 1.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3.9.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.14::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.10::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Kernel Module Management Operator for Red Hat Openshift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:kernel_module_management:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Virtualization\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_virtualization:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ocp_tools\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Podman Desktop\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:podman_desktop:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Podman Desktop - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:podman_desktop:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Connectivity Link 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:connectivity_link:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Cluster Manager CLI\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logical Volume Manager Storage\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:lvms:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability Operator\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Node HealthCheck Operator\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_nhc:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Power monitoring for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_power_monitoring\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Kueue\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:kueue_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-07T14:21:42.477191Z\",\"id\":\"CVE-2026-34986\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-131\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:go-jose_project:go-jose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.5\",\"matchCriteriaId\":\"C8F16FC9-40BA-4C17-9ABD-614143E86BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:go-jose_project:go-jose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.1.4\",\"matchCriteriaId\":\"DC2FEC8C-1ECF-40EA-A074-86B4C7688B60\"}]}]}],\"references\":[{\"url\":\"https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Technical Description\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10125\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10130\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10135\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10175\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11070\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11217\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11512\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11688\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11856\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11916\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11996\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12116\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12277\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12279\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13791\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13829\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16696\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17040\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17121\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17123\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17287\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17448\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17458\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17459\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17468\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17474\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17547\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17550\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17598\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17789\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18584\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18585\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19099\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19108\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19135\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19173\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19186\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19353\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19712\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19719\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19721\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20034\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20041\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20569\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20607\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20609\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20946\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21703\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21709\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21769\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21931\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21932\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22258\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22260\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22347\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22423\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22450\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22465\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22629\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22714\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22840\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22937\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23228\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23241\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23345\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23361\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24471\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24475\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24477\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24479\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24482\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24484\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24977\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25127\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25187\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25194\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25206\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25248\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25250\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25252\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26054\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26585\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26636\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27001\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27004\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27044\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27063\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27856\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28198\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29854\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:30650\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:32991\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8490\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8491\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8493\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9385\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9388\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9448\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9453\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-34986\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2455470\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34986.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-34986\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-07T14:21:42.477191Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-07T14:21:49.130Z\"}}], \"cna\": {\"title\": \"Go JOSE affect by a panic in JWE decryption\", \"source\": {\"advisory\": \"GHSA-78h2-9frx-2jm8\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"go-jose\", \"product\": \"go-jose\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.0.0, \u003c 4.1.4\"}, {\"status\": \"affected\", \"version\": \"\u003c 3.0.5\"}]}], \"references\": [{\"url\": \"https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8\", \"name\": \"https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants\", \"name\": \"https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-248\", \"description\": \"CWE-248: Uncaught Exception\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-04-06T16:22:45.353Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-34986\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-07T14:21:54.041Z\", \"dateReserved\": \"2026-03-31T19:38:31.617Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-04-06T16:22:45.353Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:10175
Vulnerability from csaf_redhat - Published: 2026-04-23 14:43 - Updated: 2026-06-30 05:54Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.1 Release.
Severity
Important
Notes
Topic: Red Hat OpenShift Dev Spaces 3.27.1 has been released.
Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.27 release is based on Eclipse Che 7.115 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#crw
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
7.0 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access.
7.4 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication, potentially gaining unauthorized access to sensitive application endpoints. This could lead to information disclosure or unauthorized actions.
8.2 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Moderate
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote unauthenticated client can exploit this vulnerability by sending an incomplete Transport Layer Security (TLS) record, which causes the TLS handshake to stall indefinitely. This can lead to resource exhaustion, such as file descriptors and goroutines, ultimately degrading the availability of all services on the affected entrypoint, resulting in a Denial of Service (DoS).
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface (CLI) inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences (`../`), an attacker can overwrite files anywhere on the host filesystem where the build process has write permissions. This vulnerability can lead to persistent remote code execution (RCE) by overwriting critical system or user configuration files.
9.1 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Threats
Impact
Important
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote unauthenticated client can exploit a case sensitivity vulnerability in how Traefik processes HTTP/1.1 requests. By using lowercase tokens in the Connection header, an attacker can bypass security protections, leading to the removal of Traefik-managed forwarded identity headers. This could result in information disclosure or misattribution of client requests.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote attacker can exploit this vulnerability by sending fragmented ClientHello packets during the Transport Layer Security (TLS) handshake. This causes Traefik's Server Name Indication (SNI) extraction to fail, leading to a fallback to a default TLS configuration that does not require client certificates. This allows an attacker to bypass mutual TLS (mTLS) authentication, gaining unauthorized access to services that should be protected by client certificate requirements.
8.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When using the Knative provider, Traefik incorrectly interpolates user-controlled values into router rule expressions without proper escaping. This vulnerability allows an attacker to inject malicious rule syntax, leading to a host restriction bypass. In multi-tenant environments, this can result in unauthorized traffic being routed to victim services, potentially exposing cross-tenant traffic.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When the `headerField` is configured with a non-canonical HTTP header name, an authenticated attacker can inject a canonical version of that header. This allows the attacker to impersonate any identity to the backend, leading to an authentication bypass. The backend prioritizes the attacker-injected header, overriding Traefik's intended header.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in @fastify/reply-from and @fastify/http-proxy. A remote attacker can exploit this vulnerability by manipulating the Connection header in client requests. This allows the attacker to remove specific headers that the proxy has added for security, routing, or access control purposes. Consequently, an attacker could bypass security mechanisms or gain unauthorized access to resources.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
7.5 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
7.5 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Vendor Fix
fix
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Threats
Impact
Important
A flaw was found in Handlebars. An attacker can exploit this by supplying a crafted Abstract Syntax Tree (AST) object to the `Handlebars.compile()` function. This allows the injection and execution of arbitrary JavaScript code due to improper sanitization of the `value` field in `NumberLiteral` AST nodes. This vulnerability can lead to Remote Code Execution (RCE) on the server.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Handlebars. A remote attacker can exploit this vulnerability by manipulating the `@partial-block` special variable within the template data context. By overwriting `@partial-block` with a specially crafted Abstract Syntax Tree (AST) through a helper, a subsequent invocation of `{{> @partial-block}}` will compile and execute the malicious AST. This enables arbitrary JavaScript execution on the server, leading to potential compromise of the system.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Handlebars.js. A remote attacker can exploit this by submitting a malformed Handlebars template that includes decorator syntax referencing an unregistered decorator. When the application attempts to compile this template without proper error handling, it triggers an unhandled `TypeError`. This error causes the Node.js process to crash, resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Handlebars.js. A remote attacker can exploit this vulnerability by providing a specially crafted object within the template context. This crafted object, when processed by a dynamic partial lookup, can bypass security checks and be interpreted as malicious code. This allows the attacker to execute arbitrary commands on the server where Handlebars.js is running.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Handlebars. The Handlebars command-line interface (CLI) precompiler concatenates user-controlled strings, such as template file names and CLI options, directly into the generated JavaScript without proper escaping or sanitization. An attacker capable of influencing these inputs can inject arbitrary JavaScript code. This can lead to arbitrary code execution when the generated JavaScript bundle is loaded in a Node.js environment or a web browser.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le | — |
Vendor Fix
fix
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x | — |
Threats
Impact
Important
References
190 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.27.1 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\nThe 3.27 release is based on Eclipse Che 7.115 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\nUsers still using the v1 standard should migrate as soon as possible.\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\nDev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:10175",
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.27/html/administration_guide/installing-devspaces",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.27/html/administration_guide/installing-devspaces"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22731",
"url": "https://access.redhat.com/security/cve/CVE-2026-22731"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2332",
"url": "https://access.redhat.com/security/cve/CVE-2026-2332"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26999",
"url": "https://access.redhat.com/security/cve/CVE-2026-26999"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27606",
"url": "https://access.redhat.com/security/cve/CVE-2026-27606"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29054",
"url": "https://access.redhat.com/security/cve/CVE-2026-29054"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32305",
"url": "https://access.redhat.com/security/cve/CVE-2026-32305"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32695",
"url": "https://access.redhat.com/security/cve/CVE-2026-32695"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33433",
"url": "https://access.redhat.com/security/cve/CVE-2026-33433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33805",
"url": "https://access.redhat.com/security/cve/CVE-2026-33805"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33870",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33871",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33937",
"url": "https://access.redhat.com/security/cve/CVE-2026-33937"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33938",
"url": "https://access.redhat.com/security/cve/CVE-2026-33938"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33939",
"url": "https://access.redhat.com/security/cve/CVE-2026-33939"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33940",
"url": "https://access.redhat.com/security/cve/CVE-2026-33940"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33941",
"url": "https://access.redhat.com/security/cve/CVE-2026-33941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_10175.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.27.1 Release.",
"tracking": {
"current_release_date": "2026-06-30T05:54:53+00:00",
"generator": {
"date": "2026-06-30T05:54:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:10175",
"initial_release_date": "2026-04-23T14:43:48+00:00",
"revision_history": [
{
"date": "2026-04-23T14:43:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-23T14:43:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:54:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3.27",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3.27::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Abaccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776744110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776743204"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718450"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795511"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3Ad3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Ade2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776774989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Abf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776716842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Ad05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718480"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256%3A961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776803772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776717247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776796445"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718585"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776789889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ae1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776777278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776778243"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776744110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776743204"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718450"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795511"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776774989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ad0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776716842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718480"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Afb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776717247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776796445"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Acbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718585"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776789889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776777278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776778243"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Aab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776744110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776743204"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718450"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795511"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776774989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ab2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776716842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Adcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718480"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Ae224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776717247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776796445"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Aee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718585"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776789889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776777278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776778243"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776744110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Af7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776743204"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Acb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718450"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795511"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Af72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776795400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"product": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"product_id": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-redirector-rhel9@sha256%3A4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776774989"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776716842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Ab725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718480"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Ae832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776717247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3Ad97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776796445"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776718585"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776789889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ae6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776777278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Ab65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1776778243"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64 as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x as a component of Red Hat OpenShift Dev Spaces 3.27",
"product_id": "Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces 3.27"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2026-2332",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-04-14T12:01:05.768902+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458187"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to send a crafted payload to a Jetty server that is behind a reverse proxy or load balancer, specifically with a chunk extension that includes an unclosed double quote before the CRLF to trick the parser. This flaw allows an attacker to bypass security controls, cause cache poisoning or gain unauthorized endpoint access. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2332"
},
{
"category": "external",
"summary": "RHBZ#2458187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2332",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2332"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89",
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89"
}
],
"release_date": "2026-04-14T10:59:10.193000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-22731",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2026-03-19T23:02:37.111109+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449290"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication, potentially gaining unauthorized access to sensitive application endpoints. This could lead to information disclosure or unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22731"
},
{
"category": "external",
"summary": "RHBZ#2449290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22731"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-22731",
"url": "https://spring.io/security/cve-2026-22731"
}
],
"release_date": "2026-03-19T22:36:15.112000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate, ensure that application endpoints requiring authentication are not declared under paths already configured as Health Group additional paths within Spring Boot applications using Actuator. Review and adjust your application\u0027s configuration to prevent this overlap. A redeployment of the application is required for changes to take effect.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26999",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-03-05T19:01:09.939098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote unauthenticated client can exploit this vulnerability by sending an incomplete Transport Layer Security (TLS) record, which causes the TLS handshake to stall indefinitely. This can lead to resource exhaustion, such as file descriptors and goroutines, ultimately degrading the availability of all services on the affected entrypoint, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/traefik/traefik: Traefik: Denial of Service due to incomplete TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26999"
},
{
"category": "external",
"summary": "RHBZ#2444874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26999"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.38",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.38"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.9",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.9"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-xw98-5q62-jx94",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-xw98-5q62-jx94"
}
],
"release_date": "2026-03-05T16:15:36.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/traefik/traefik: Traefik: Denial of Service due to incomplete TLS handshake"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-27606",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-02-25T04:01:24.449922+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface (CLI) inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences (`../`), an attacker can overwrite files anywhere on the host filesystem where the build process has write permissions. This vulnerability can lead to persistent remote code execution (RCE) by overwriting critical system or user configuration files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27606"
},
{
"category": "external",
"summary": "RHBZ#2442530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27606",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27606"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27606",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27606"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2",
"url": "https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e",
"url": "https://github.com/rollup/rollup/commit/c8cf1f9c48c516285758c1e11f08a54f304fd44e"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3",
"url": "https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/releases/tag/v2.80.0",
"url": "https://github.com/rollup/rollup/releases/tag/v2.80.0"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/releases/tag/v3.30.0",
"url": "https://github.com/rollup/rollup/releases/tag/v3.30.0"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/releases/tag/v4.59.0",
"url": "https://github.com/rollup/rollup/releases/tag/v4.59.0"
},
{
"category": "external",
"summary": "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc",
"url": "https://github.com/rollup/rollup/security/advisories/GHSA-mw96-cpmx-2vgc"
}
],
"release_date": "2026-02-25T02:08:06.682000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability"
},
{
"cve": "CVE-2026-29054",
"cwe": {
"id": "CWE-178",
"name": "Improper Handling of Case Sensitivity"
},
"discovery_date": "2026-03-05T19:01:04.119334+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote unauthenticated client can exploit a case sensitivity vulnerability in how Traefik processes HTTP/1.1 requests. By using lowercase tokens in the Connection header, an attacker can bypass security protections, leading to the removal of Traefik-managed forwarded identity headers. This could result in information disclosure or misattribution of client requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/traefik/traefik: Traefik: Information disclosure due to case-insensitive Connection header processing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29054"
},
{
"category": "external",
"summary": "RHBZ#2444872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29054"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29054",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29054"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.38",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.38"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.9",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.9"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-92mv-8f8w-wq52",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-92mv-8f8w-wq52"
}
],
"release_date": "2026-03-05T16:18:49.230000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/traefik/traefik: Traefik: Information disclosure due to case-insensitive Connection header processing"
},
{
"cve": "CVE-2026-32305",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2026-03-20T11:02:42.394091+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote attacker can exploit this vulnerability by sending fragmented ClientHello packets during the Transport Layer Security (TLS) handshake. This causes Traefik\u0027s Server Name Indication (SNI) extraction to fail, leading to a fallback to a default TLS configuration that does not require client certificates. This allows an attacker to bypass mutual TLS (mTLS) authentication, gaining unauthorized access to services that should be protected by client certificate requirements.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Traefik: github.com/traefik/traefik: Traefik: mTLS bypass allows unauthorized service access via fragmented ClientHello.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32305"
},
{
"category": "external",
"summary": "RHBZ#2449595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32305",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32305"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.41",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.41"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.11",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.11"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2",
"url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-wvvq-wgcr-9q48",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-wvvq-wgcr-9q48"
}
],
"release_date": "2026-03-20T10:01:13.620000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate unauthorized access, restrict network access to the Traefik instance to only trusted clients and networks. Implement firewall rules to limit inbound connections to the ports Traefik listens on for mTLS-protected services. For example, using `firewalld`, specific source IP addresses or networks can be allowed. After applying firewall rules, ensure the firewall service is reloaded for changes to take effect. This reduces the attack surface by preventing untrusted external access to the Traefik instance.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Traefik: github.com/traefik/traefik: Traefik: mTLS bypass allows unauthorized service access via fragmented ClientHello."
},
{
"cve": "CVE-2026-32695",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2026-03-27T14:01:07.317898+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452235"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When using the Knative provider, Traefik incorrectly interpolates user-controlled values into router rule expressions without proper escaping. This vulnerability allows an attacker to inject malicious rule syntax, leading to a host restriction bypass. In multi-tenant environments, this can result in unauthorized traffic being routed to victim services, potentially exposing cross-tenant traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/traefik/traefik: Traefik: Cross-tenant traffic exposure and host restriction bypass via rule-syntax injection in Knative provider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32695"
},
{
"category": "external",
"summary": "RHBZ#2452235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32695"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.11",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.11"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2",
"url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-67jx-r9pv-98rj"
}
],
"release_date": "2026-03-27T13:47:03.645000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/traefik/traefik: Traefik: Cross-tenant traffic exposure and host restriction bypass via rule-syntax injection in Knative provider"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33433",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2026-03-27T15:03:19.672851+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452289"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik, an HTTP reverse proxy and load balancer. When the `headerField` is configured with a non-canonical HTTP header name, an authenticated attacker can inject a canonical version of that header. This allows the attacker to impersonate any identity to the backend, leading to an authentication bypass. The backend prioritizes the attacker-injected header, overriding Traefik\u0027s intended header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/traefik/traefik: Traefik: Authentication bypass via non-canonical HTTP header injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33433"
},
{
"category": "external",
"summary": "RHBZ#2452289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33433",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33433"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.42",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.42"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.11",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.11"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3",
"url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-qr99-7898-vr7c",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-qr99-7898-vr7c"
}
],
"release_date": "2026-03-27T13:49:08.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/traefik/traefik: Traefik: Authentication bypass via non-canonical HTTP header injection"
},
{
"cve": "CVE-2026-33805",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-04-15T11:00:57.611466+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458651"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in @fastify/reply-from and @fastify/http-proxy. A remote attacker can exploit this vulnerability by manipulating the Connection header in client requests. This allows the attacker to remove specific headers that the proxy has added for security, routing, or access control purposes. Consequently, an attacker could bypass security mechanisms or gain unauthorized access to resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@fastify/reply-from: @fastify/http-proxy: Fastify Reply From and HTTP Proxy: Security bypass via Connection header manipulation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An Important flaw exists in @fastify/reply-from and @fastify/http-proxy, allowing a remote attacker to bypass security, routing, or access control mechanisms. This is achieved by manipulating the Connection header in client requests, which can remove critical proxy-added headers. If reply-from or http-proxy are being used to add security relevant headers the attacker may be able to remove such information resulting in authentication bypass, privilege escalations or the possibility of jeopardize any further security control which depends on the removed request headers. This vulnerability have a high attack complexity rate as the attacker needs to intercept the communication between the client and the server to be able to manipulate the headers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33805"
},
{
"category": "external",
"summary": "RHBZ#2458651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458651"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33805",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33805"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37",
"url": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37"
}
],
"release_date": "2026-04-15T10:13:25.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@fastify/reply-from: @fastify/http-proxy: Fastify Reply From and HTTP Proxy: Security bypass via Connection header manipulation"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-33937",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:50.619819+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452523"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. An attacker can exploit this by supplying a crafted Abstract Syntax Tree (AST) object to the `Handlebars.compile()` function. This allows the injection and execution of arbitrary JavaScript code due to improper sanitization of the `value` field in `NumberLiteral` AST nodes. This vulnerability can lead to Remote Code Execution (RCE) on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars: Remote Code Execution via crafted Abstract Syntax Tree object in compile()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in Handlebars that allows for Remote Code Execution. The flaw occurs when the `Handlebars.compile()` function processes a specially crafted Abstract Syntax Tree (AST) object, leading to the injection and execution of arbitrary JavaScript code. Red Hat products utilizing Handlebars are affected if they process untrusted input through the `compile()` function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33937"
},
{
"category": "external",
"summary": "RHBZ#2452523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33937"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33937"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q"
}
],
"release_date": "2026-03-27T21:03:46.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that any input provided to the `Handlebars.compile()` function is strictly validated to be a string type, preventing the injection of crafted Abstract Syntax Tree (AST) objects. Additionally, for deployments where templates are pre-compiled at build time, consider utilizing the Handlebars runtime-only build (`handlebars/runtime`). This build variant does not include the `compile()` function, thereby eliminating the attack vector. If the application is a service, a restart may be required for the changes to take effect.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars: Remote Code Execution via crafted Abstract Syntax Tree object in compile()"
},
{
"cve": "CVE-2026-33938",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:58.504001+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452525"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. A remote attacker can exploit this vulnerability by manipulating the `@partial-block` special variable within the template data context. By overwriting `@partial-block` with a specially crafted Abstract Syntax Tree (AST) through a helper, a subsequent invocation of `{{\u003e @partial-block}}` will compile and execute the malicious AST. This enables arbitrary JavaScript execution on the server, leading to potential compromise of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars: Handlebars: Arbitrary code execution via @partial-block overwrite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Handlebars allows arbitrary code execution when processing untrusted input. This occurs if an attacker can manipulate the `@partial-block` special variable through a helper, leading to the execution of a crafted Abstract Syntax Tree. Red Hat products are affected if they use Handlebars versions 4.0.0 through 4.7.8 in server-side applications where untrusted input can influence template data or context objects. Deployments utilizing the Handlebars runtime-only build are not vulnerable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33938"
},
{
"category": "external",
"summary": "RHBZ#2452525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33938"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r"
}
],
"release_date": "2026-03-27T21:05:42.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Applications using Handlebars should implement the runtime-only build (`require(\u0027handlebars/runtime\u0027)`) to prevent exploitation, as this build lacks the vulnerable `compile()` method. Additionally, review all registered helpers to ensure they do not write arbitrary values to context objects, and avoid using third-party helpers in contexts exposed to untrusted input.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars: Handlebars: Arbitrary code execution via @partial-block overwrite"
},
{
"cve": "CVE-2026-33939",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-27T22:01:36.296267+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452508"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars.js. A remote attacker can exploit this by submitting a malformed Handlebars template that includes decorator syntax referencing an unregistered decorator. When the application attempts to compile this template without proper error handling, it triggers an unhandled `TypeError`. This error causes the Node.js process to crash, resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars.js: Denial of Service via malformed decorator syntax in template compilation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in Handlebars.js affecting applications that compile user-supplied templates without proper error handling. A remote attacker can submit a malformed template containing unregistered decorator syntax, leading to an unhandled `TypeError` and crashing the Node.js process. Red Hat products are vulnerable if they use Handlebars.js in a configuration that allows untrusted input to be compiled at runtime without implementing `try/catch` blocks or input validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33939"
},
{
"category": "external",
"summary": "RHBZ#2452508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33939",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33939"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff"
}
],
"release_date": "2026-03-27T21:08:24.664000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Handlebars.js should implement robust error handling during template compilation and rendering. Specifically, wrap template compilation and rendering calls in `try/catch` blocks to gracefully handle `TypeError` exceptions. Alternatively, validate user-supplied template input to reject decorator syntax (`{{*...}}`) if decorators are not actively used by the application. Employing a pre-compilation workflow, where templates are compiled at build time and only pre-compiled templates are served, can also prevent runtime exploitation. If the application is a service, a restart may be required for changes to take effect.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars.js: Denial of Service via malformed decorator syntax in template compilation"
},
{
"cve": "CVE-2026-33940",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:42.813017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452521"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars.js. A remote attacker can exploit this vulnerability by providing a specially crafted object within the template context. This crafted object, when processed by a dynamic partial lookup, can bypass security checks and be interpreted as malicious code. This allows the attacker to execute arbitrary commands on the server where Handlebars.js is running.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars.js: Arbitrary code execution via crafted template context",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important arbitrary code execution vulnerability in Handlebars.js. The flaw can be exploited when an application uses Handlebars.js with dynamic partial lookups and processes user-controlled data within the template context. Red Hat products bundling Handlebars.js are affected if they meet these specific conditions for exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33940"
},
{
"category": "external",
"summary": "RHBZ#2452521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452521"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33940"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33940",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33940"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6"
}
],
"release_date": "2026-03-27T21:11:10.719000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this issue, use the runtime-only build of Handlebars.js, which prevents the fallback compilation path from being reached. Alternatively, sanitize all context data before rendering to ensure no non-primitive objects are passed to dynamic partials. Avoid dynamic partial lookups (`{{\u003e (lookup ...)}}`) when context data is user-controlled. Implementing these mitigations may require application-level changes.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars.js: Arbitrary code execution via crafted template context"
},
{
"cve": "CVE-2026-33941",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-27T22:02:54.583022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452524"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Handlebars. The Handlebars command-line interface (CLI) precompiler concatenates user-controlled strings, such as template file names and CLI options, directly into the generated JavaScript without proper escaping or sanitization. An attacker capable of influencing these inputs can inject arbitrary JavaScript code. This can lead to arbitrary code execution when the generated JavaScript bundle is loaded in a Node.js environment or a web browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: This flaw in Handlebars allows arbitrary code execution when the CLI precompiler processes untrusted inputs. An attacker who can influence template filenames or command-line arguments can inject malicious JavaScript, which executes when the generated bundle is loaded. Red Hat products utilizing the Handlebars CLI precompiler in environments where untrusted inputs are processed may be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33941"
},
{
"category": "external",
"summary": "RHBZ#2452524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452524"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33941",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33941"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33941",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33941"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2",
"url": "https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9",
"url": "https://github.com/handlebars-lang/handlebars.js/releases/tag/v4.7.9"
},
{
"category": "external",
"summary": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf",
"url": "https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf"
}
],
"release_date": "2026-03-27T21:13:15.437000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure all inputs to the Handlebars CLI precompiler are thoroughly validated, rejecting characters with JavaScript string-escaping significance (e.g., \\\" , \\\u0027 , ;). For automated build pipelines, configure a fixed and trusted namespace string via a configuration file rather than passing it through command-line arguments. Additionally, consider running the precompiler within a sandboxed environment, such as a container with restricted write access, to limit the potential impact of successful exploitation.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-23T14:43:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:56cb90d67267ebd08bdfda825c0a00c7ffea666ceab68f50892420c04c393cfd_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:6ced7da0ea3bd692379aff9f94c54c7593841a15913ac499de3af20b092db729_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:ab17ccae17238a74cafd6fdd33263f5c882ae15cbc81dfb02723694a7c360ce1_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-rhel9@sha256:baccc8bb116ef4d28dab809f404bdf5e45c2e55322ba1460da358c514f5cf2a5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:215497f67b822c565fa6768950a94ba03379d772f67ad17e27721094c4d10ffa_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:45b9dab6a3009aeb058509314d216b8a100962d8a191ad0e10b317652425dcfc_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:70cca9c1fe458d00f4cf7735ed87b070d12060110d93abf0dbd85150e89a2d66_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:f7d3433f5dcaca8469c987c43cdd6e61477f0197088f9fff043d36dd5e81b89f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:24a3b1ec2d7d0550c64845b92f19b2edfadb27dcebbe1c97f18b99304f872b4e_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:59c9346bf39f7ccda10b4859c7e97d618f0e8304fb4b00cc43f89889784f2dde_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:977f8f7267f8d125ceceb83842ab4a694a7f9f9b128fd18cd95a563268d00ea1_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/configbump-rhel9@sha256:cb03babff3a4a782254c6ccf6552e92c8569f79492cc181fc99e6912c1feb6e9_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:13738c2b11bdbfe22d91bb0621a501c0c1ab87b9b386d42b7ae113ffd8d323ff_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:25dbcc4a7decb9c274715c585d61a6caf3baa5d48258377ac364eae20a51d2c6_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:339aa11adcbee1feadc4d56961f5dabd61790c92914ea11161a6573bdef8822e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/dashboard-rhel9@sha256:633f8dde6d1247cbccacac6cd7b96c6072c8324d80f0975bcd758fb8a3a30615_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:961edfa27ff733d7579fa404afc736fbf2a06b9925afa21117cce72df5fae379_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:1b352d90ac53831bc57791941f2599aeaed1ae8ed20f9d3741bc6437280dd6a2_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b725dd7c6820096309e8ae1bdce5c04c273dba3087a45f077c332bb255e58a17_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:d05c45444879964a4967b859bf350cb0af320636b752b87aed2e89439ecb20c6_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:dcb526cfbfab7edfdad8f75e572f3ce9a2620599efb1b47a306bb9e39eb9ae0d_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:3bc28b9aad6ba4d8c9d29b909aa7031ec610f9faec927111434d7d93dacc511e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:6b3e4729274a6d9b8056c806cbd85d8cc5009df5212d506a09f7d5520bb61dac_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:926b1e278e1e4f5e3ac9bb48b363b52fb4828b63d652e75feffa25a5c4803843_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d3dcc6ef11235469669ea0398824060cda322cfc2dc2f36a481e6de8d41b926f_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4008a58bf876fe38017bfad1b7cbb5510d5e919600d1b59d439b8faadc336932_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:7e061e4d402706fbad01d755aee25b636e05d47ddf6badd28b6ed799122262fd_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:de2b07f33ed8acdee2c312c08961a71629477329b9212edf8f95a00ab46f0418_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f72fca1d67a2faefbbe4725614be7d10df4b91b18d34e744d71a97f27376dce5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:1d3a53c6688db4d8f8ff853003c96de2fb4d88c6274c2b32d3002eefb64d48d8_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:4065b1d8a2e685fe4e0710dc55670ec7f5b189d09331f036e3cbf69929b2d38d_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:5df884a70037f56dc852b4f4ec8a6e49ddea327c5c744d5bf21b3dcf0634bc45_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/multicluster-redirector-rhel9@sha256:7933cd708f57493d33d32620fa888856b714c343572cf5e84fa80b3bdb1e990a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:12650f16ec1d9a079736da2d7e7428c791ae9a105bc0237814b9a2edd9f9a0ae_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b2ccfa151d86315f1973d9cbfb1d3564e9daea8e4eac04e6f7b9e06f4521fcde_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:bf8c28c1dbed78077a84baf2d43bb0119c37a088a480121395aefcceb89b066e_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d0882e222cea223cd64110ecfdf6dfdbe4faa7526c31293d304367bf9bb6f16c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:27e30c7cede8d846cac4c623e84c6791a64b918136c5b781e9e885139fe237fb_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e224aebfad7c18649dfba4361bc0a77e937da1e69c230efa25ea2f6e1f9b17c2_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:e832fb5a60f8a5180462458de7f410d01d8423473c4501b1b2e64ee606cb19b5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fb7eb298c502721c2dc77cf25d073681b9e5a4d6a7f5b1107f70bb8f787d273d_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:57b73c1ca124517557ba4b054c6367f0c045f588ec03a41e97184907562ca4e4_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:7ba3f74dd8f72ea794da3073340c12377551aa77094c5c48ba2011e8fb8170dc_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:88bedfc47deb5194aa15c18880111e810768428621168877a6316d394e1d8297_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/server-rhel9@sha256:d97641f5881f1210f5ec6a95129cd99f232d24ee3e9eee2b3ad74a9eecf429ca_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:179efd9379165b0e7992d0cca5e2c94cb25412153ea333e4c01d693bf64ad736_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:34f8243809fb492094eb221362addaa91ab8d2dd9f233383328b695bc1f559c4_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:cbf71be94cfa5f2eaee079395261f3130b8857f38f210f5732280d30a792492c_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/traefik-rhel9@sha256:ee3f68c28619e2af980739a351305c843d0ebb8bc98bda61e77cfabbb2e11641_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:02d89848ea471688663827250f824a48af4e29bf7c0cd4713182f234df48826a_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:8e1683ff5b33202e909ab53a9adc5b86997d25d33f8e1063083914e5189540f1_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e1dbd1f05eda40b0a87e7ea1d9f0ca59dde6a51981c0b9efba5f2e5512b323e5_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel10@sha256:e6a901d3572a786dcee22b4d7a80547cbfe8cb2dba212e2f9e76a1bc897caa9c_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:08f1525029ca83ecc0c44129d6dc5902af62043b5ef3779f8d91d6b603427aa3_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:17a4a50ceb0a87dfab7ae88d04f0dca528af15b15c45b04f44e631a6ffdab420_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:9d1263ca381ca4a9e320baf7694c530ddbf21685b9cdefc6717e833c9876d26e_s390x",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b65e3d437cb6f5a9c14b94f0f8e1b19260e740a9bdaa2655a1641c8dd4bb67e5_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:0c7e182dc31c12b24b589224202b3231e400367dda68fa5b670a60219d1ee0ae_amd64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:44aa34d856b0d25407327ba3c0a29f45543976a4500093a589998dc846a6c88f_arm64",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:6bea432af6f2d9217fd722326d5c5ca00d205d98f386bd1d23aa1abadda7814c_ppc64le",
"Red Hat OpenShift Dev Spaces 3.27:registry.redhat.io/devspaces/udi-rhel9@sha256:7c510843d926a2de666d22edf9edbefaa0025d5e2a002c6519d79fa820a1faa1_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
RHSA-2026:11070
Vulnerability from csaf_redhat - Published: 2026-04-27 20:25 - Updated: 2026-06-30 05:54Summary
Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Vendor Fix
fix
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Threats
Impact
Important
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
8.3 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
8.3 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 | — |
Workaround
|
Threats
Impact
Important
References
51 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11070",
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35469",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11070.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update",
"tracking": {
"current_release_date": "2026-06-30T05:54:56+00:00",
"generator": {
"date": "2026-06-30T05:54:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11070",
"initial_release_date": "2026-04-27T20:25:56+00:00",
"revision_history": [
{
"date": "2026-04-27T20:25:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-27T20:25:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:54:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Af41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ab950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Adbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ac2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Acfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Abf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adaf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ae8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ae4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aeafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Abb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ad639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35469",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-13T03:52:35+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw affecting OpenShift Container Platform. An attacker with specific elevated cluster roles, such as those permitting pod port forwarding, execution, attachment, or node proxying, could exploit a vulnerability in the SPDY streaming code of Kubelet, CRI-O, and kube-apiserver, leading to unresponsiveness of these critical components.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "RHBZ#2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
}
],
"release_date": "2026-04-13T23:59:59+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T20:25:56+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "workaround",
"details": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:7a51bab1a606cd7472ae715d80d1cc2a3b9c86869644354d4b4be83f9a320392_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e4ca37e827701d9602ce7816f39911b0808df9d2673c96731385d76f59808046_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:e8924e76615b9c5d4c04a69ad4f7f2e529383df89e1fe285077b6f4055a1f429_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:f41ad57372406f83d689f7be8edf05088c32c3c98bb349d0da1658433030c465_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:190480aab6dcffb2c38cb6476f7ee1f153deeb88d9084f6fe40d1e9b23c372f5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:bf4636b3a9d9b0923f4c593f3fd475d81bee15e768561375b62c198dbe018655_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:dbe8d3be4da19c7da99bc8d207cb9b2abf65287746d53afa5abfad84871dfed1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:eafe2ea60b4ee8812051759389eece3a2c162b83783daf3806f0945666c9e698_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c2fb8cbfcb4398c8bcfc6fab634217c3b0f6d33ecb8247b31ab77647f5590a4c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:1355a9c838c47a45c9960a89c6e3df85be67b57f664174fdb922f25e5a4343e1_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:3bbc3c4278796a92f26478c29c2033c3ba6946db18cb3e193ceafc70e767a260_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4964c491550d58f9fb7467e659805c9a51b06a20815d25e20b20524b2ac758d1_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:4d728922091dff892202980f8068e66be31dde114535efcab70990e452ff31f4_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:0085ef40238991f5845e814b8af029bae0f86df2b1267db1fc7b183e153261f6_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:134b59523553994370da4c6150b93b468c79b1ee3d7d465537cc377236b8e709_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5db206a3db9db541be25b7694c68b3e7d8d2bb17ec9f6004c34ecc270aec0635_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7327f147b034bdc20c2edab166ae3907862a84c5e2ee77fdc1d97a031c0d5956_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:301076ae814c3a25c0d21bb3dadc8e4cd1389240f29516a391fbdee3bc6bbf2d_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b6b1312c3bc3584bccf21f193349b5fa42c569cb09a9a2c4c486c195397d520_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f2ae822b677e41b413b2f597a14ef9b32c36ac25952cc6331aa9a0ff1d55f6c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8510ad2a751af9c1af29b7a4bfdd0c361e413de06d60615ebce658d8d4aab941_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2719a3e55cd5e055500e752bdac602e93c1e02e46e7c52d7c3c0b2c80bd66f2b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2e5be565bbd32f08ab97c20a7eb82dbd2a41edbb484db394efee0307110ace8d_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c35672d560e24548ca015802c76b626e205e16fda6a4f0fc4957b1092f11bedd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cfbd0351460f7fcfaa3100e21a7e099ec66bb5a4bae3a24289cff3e95c882bae_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code"
}
]
}
RHSA-2026:11217
Vulnerability from csaf_redhat - Published: 2026-04-27 23:24 - Updated: 2026-06-30 05:54Summary
Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Threats
Impact
Important
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
8.3 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
8.3 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
60 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11217",
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35469",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-4811_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11217.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.11 security and bug fix update",
"tracking": {
"current_release_date": "2026-06-30T05:54:57+00:00",
"generator": {
"date": "2026-06-30T05:54:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11217",
"initial_release_date": "2026-04-27T23:24:47+00:00",
"revision_history": [
{
"date": "2026-04-27T23:24:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-13T08:38:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:54:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ab950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Abdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Af1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ac6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aedc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ab4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Adaf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aaa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ac5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776418904"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aa8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Abb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ad639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1776727747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1777307791"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.8",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35469",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-13T03:52:35+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw affecting OpenShift Container Platform. An attacker with specific elevated cluster roles, such as those permitting pod port forwarding, execution, attachment, or node proxying, could exploit a vulnerability in the SPDY streaming code of Kubelet, CRI-O, and kube-apiserver, leading to unresponsiveness of these critical components.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "RHBZ#2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
}
],
"release_date": "2026-04-13T23:59:59+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-27T23:24:47+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"category": "workaround",
"details": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5fab4694b598d616ca775835520c8d062940bec75a5bd820b2290134529b280b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:677f693e3db20c1f56c9d51905fc45b7ea1efce12e3fc6cf90486f2c9f1d21b4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:aa5d6eb26500ce81f59a43047d24e9a7eaea4e1d3ab4d428e05fb1298aef1b97_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:edc41b3c96f9dd9bd96851d4d6cce65a23da484af08b48caba90570960a2e53a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4c594546133a2b8ffb3f142ea1e0d2353e47192f497931b6e81bc6e348f8b221_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:75b567224f0a92727d96d78609e8b896adf742c0bb2c4c29c7d2f6cf4f1c899a_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:8fb531d320ca0499582878bca05bbc0f1ed8a5211d219fc6705e398972010f7f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:b950a88c68312126e9d448ccc4bca130733d8f8d54cc38ca1a697bb4199d5bbb_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5804b537b255c13107f7ab6d48b445c4210f4274e19a011d37b3302b35a965e5_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:73f57091087f8e418c77f29624916bbf9f668c6ff172e4da93d3b1fea3234642_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a8008b13ae24b0ccc4ab75e1642e2eb995e7d5e62e18acc5383b413fc6c06cb3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b4a010d33119f95358539599665929e003dc366c73bbdbcf06d37f4e086c77c1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:0b617b6f12fe77636cbd3036d07b299165acb932edd407cc066987026c51bc2f_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:24732ee9e493c03e816d0ccc4874f9f27211a7de11fc8f345f0976c9e72d8210_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:91f791cb74011fb5e0832dfb50864d33439ab94deed91fe248430e63350617a6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9ef18af4c57b3f67065233e46129887d9b703fe65f39cecc83f41e3ba18542ce_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:bdb808907802ae12515143661358af8e374bb635f48bc89d983b3f2cf5360d21_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:3290bf6033dffb72084afd9eb038f0268b76ea1112121e587da172d7cd432e68_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:958128da0821405d5dccc557c61336b9d19eb752eb54e667dbca3bc1ea97ec85_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c5c8f2959b593149bfc654e5c212144c1640441d6512d91b0c0ed6a7b9474cbe_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d769ee8de44cc320ffcc68e76f43d63a381207362a9ef1e182912aaffa1a4dca_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7f9e747c719f1afd49cda081cb4c3f3b7781a69a885c588e5ca1975d7fca7a75_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac3505103967758b81d8aaa7b026aee83a8fee477bf629c280d9e867ea229376_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b5aacc4fb7668db525a499bbe7561910f0c563afb2503280745ec6a344063df3_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d639affbc1ee9431f734d8ab9bde34bf7cd29be42d6fbb07060ba02849aa8722_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0a93ca98cec909febd731a080362e5c371b8cdc1aa8772a632a012c2c915166f_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ab6f139ae0d09334b2b5e499357b0fa14dae54c7a76560d5710ebb3d8fee5bbe_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d88d142a7f919f6eff8f66c75fdffe3c0efb904273ece05488aad1153c89531f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:daf11d42d49186f0b1dae8c4be0bb48c7009edbdc25bd84c54bbcad78a9a56ad_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:030180ba7545abfcb87c1e777889d1e23dc44e8e8fb1dbe1ab271ad9f5a4c5b9_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:15481465f2235fc95d36d057ea4dfdb15eee9357aa633627e6367c5adcd08536_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:bb23354b4fa307936ef344d6cc5fa070aaeddd41fb689a18074d2bfa3ac99fa4_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:f1fe398f88b8a6ec2cf87b7d09442de5e5c20d84f6f4a2a3de5bd7f46d2894b7_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:134318dd1871cb7ba5227fcf76f5fd58c695f652ee2f7a21e9478231cd548046_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5a36b4c601c1bdd63fda2d8ce091e9b1de3722a2b7d2b1c3a315fd0d4f722b8c_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9b97a9b3b37059dfe3cb65ae8518b1c63723ae47b35bacc8b53a62992f50a900_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f6cfa01a26be47fb5e8c7169aa33f18dbcdacb064c1cf425c322dfc4f1164305_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:08624e44eb42590abc4e4a745c3fbab9dc5688990f106137310bda05b76df69b_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:135321dc6a5cdb09491c3f2cbceb85580e375702a1c59cd0f0132e5d31a93e55_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4686585e005415d888f1a4d9d9b51fc1dd52c91510be4e4797efc59a9777101b_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6eb2c7591ec559ccbe154b5fabedf0fe273251f7b47ab247a080f2a041da55e_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:02dbaad4b927c4238d24897704cdcc03467fc8ec2d59ee4b5417b7ac9f15f6f9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:6738e7b27b4caa6f1af635709ceb260269d7e82b5a3473d57bda18e8fffd25dd_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8c646f72eee74416d1994de422e29bc76973ed3fdd9e0751769b739f402d55f7_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:96b78dce12edbb414d79979d6a396da934c6f019554597f4ded6c23535240629_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code"
}
]
}
RHSA-2026:11512
Vulnerability from csaf_redhat - Published: 2026-04-29 07:00 - Updated: 2026-06-30 05:54Summary
Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.7.10
Severity
Important
Notes
Topic: Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.7.10 General Availability release, with updates to container images.
Details: Assisted Installer RHEL 9 integrates components for the general multicluster engine
for Kubernetes 2.7.10 release that simplify the process of deploying OpenShift Container
Platform clusters.
The multicluster engine for Kubernetes provides the foundational components
that are necessary for the centralized management of multiple
Kubernetes-based clusters across data centers, public clouds, and private
clouds.
You can use the engine to create new Red Hat OpenShift Container Platform
clusters, or to import existing Kubernetes-based clusters for management.
After the clusters are managed, you can use the APIs that
are provided by the engine to distribute configuration based on placement
policy.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace. The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode. Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.
6.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le | — |
Vendor Fix
fix
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64 | — |
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
15 references
Acknowledgments
Red Hat
Omer Vishlitzky
Nick Carboni
Riccardo Piccoli
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.7.10 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.7.10 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11512",
"url": "https://access.redhat.com/errata/RHSA-2026:11512"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7163",
"url": "https://access.redhat.com/security/cve/CVE-2026-7163"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11512.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.7.10",
"tracking": {
"current_release_date": "2026-06-30T05:54:59+00:00",
"generator": {
"date": "2026-06-30T05:54:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11512",
"initial_release_date": "2026-04-29T07:00:38+00:00",
"revision_history": [
{
"date": "2026-04-29T07:00:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T16:12:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:54:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.7",
"product": {
"name": "multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.7::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Afca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360597"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Aafdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777205772"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Ae689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3Ab1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360597"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Aab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Ab53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777205772"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Ac9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Ad73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360597"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Ae92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Ac58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777205772"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Ae77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Af62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360557"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360597"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Aaebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777360530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777205772"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64 as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le as a component of multicluster engine for Kubernetes 2.7",
"product_id": "multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Omer Vishlitzky",
"Nick Carboni",
"Riccardo Piccoli"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7163",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2026-04-27T04:18:06.534000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463152"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. \n\nThe credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace.\n\nThe affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected.\nThis issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode.\n\nSuccessful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "assisted-service: assisted-service: Authenticated users can gain administrative access to OpenShift clusters via credential disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability affecting on-premises deployments of Multicluster Engine (MCE) and Red Hat Advanced Cluster Management (ACM). An authenticated user with namespace-scoped privileges can exploit a flaw in the `assisted-service` REST API to retrieve administrative credentials for OpenShift clusters provisioned through the hub. This grants unrestricted root-level administrative access to affected spoke clusters, stemming from the `AUTH_TYPE=local` mode\u0027s unconditional administrative access with a valid local JWT, which is exposed in plaintext.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7163"
},
{
"category": "external",
"summary": "RHBZ#2463152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7163"
}
],
"release_date": "2026-04-30T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T07:00:38+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.12.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "assisted-service: assisted-service: Authenticated users can gain administrative access to OpenShift clusters via credential disclosure"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T07:00:38+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.12.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11512"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:4304b5faa3cecb148a078c5b508489d7e901c67c4d7e1309b09880e1893a801f_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:c9e70bb2b1563c884d170139be052cc6d9f4dba9a6f7391d7cbdb91470117dec_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e689f98a4488dca31ed5152cab535528975a91daadf901f5d960e51d60d15213_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:e77bc616611c024f7d59edc9962fe9011bd8252f0379075979e00bffc098bac7_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:10522a9c015a3851fb92dc3c11096cce8d425dbb9737559a2a2bdf96c0bc8c90_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:492f890a7c362aef38bc37026e7e876347dec0bbb539c3500e86c251fd8a6542_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:516da59066a260be9c0b4c0f88138aa6b4838f1cd0c2ae5707c69dbbf2094014_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b1afae748ebd50608980fe07600ee777ac794fa8f896fb14b5b23bbee07c7cb2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:241cd995577155ae308e7854c5f2a55aa106a359c812fb7d346aeb5c5daf6c33_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:ab6d71605f3af774dca68c16cb34be8336d42974aa58e273ee54a233c407ade4_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:aebee16917807234bd1a55d11636a477da2e2889e7258590e114a1160ffcb115_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:e92e8ec2f138a30ee2876de9eab449d3a94f5fbeaed645e8b0eb6f6ade63e4f8_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:58096085243c570e45bebc86abffff5f406ed2d8fb5ec1cad8171b4a1a2d21d2_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:d73847b79d7ab5835630fcef3afd42f7939195b46a8d046c7a6719c44d1d6cb3_ppc64le",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:f62914040f263a6262eb474f0287f3a2fae152d2e0d9d0d46c1303847157082f_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:fca2e432bd533cdb9e296199cf397eca24b701efe2f56e1959801455c287ab51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:09d51fc2ad83b60575616be21d8c728856689d718f1faddf2377e6127adb7de6_s390x",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:afdc9e8438e456445cc5ebeeb889b5eba0944a6d7f2d822f7d7360b0476e1a51_amd64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:b53af57794980ee5e2ff7ebc1de3f06b61fd9da93174516ce0a4b39b47bb1335_arm64",
"multicluster engine for Kubernetes 2.7:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:c58e21effc6a0617bb6b2077c4751eab19af05bb3aed49dbefaf13cc07508841_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11688
Vulnerability from csaf_redhat - Published: 2026-04-29 12:20 - Updated: 2026-06-30 05:54Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.15
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh 2.6.15
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh 2.6.15, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.
Security Fix(es):
* istio-operator-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* istio-cni-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* pilot-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* ratelimit-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* istio-cni-rhel8: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)
* pilot-rhel8: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)
* istio-rhel8-operator: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* istio-cni-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* pilot-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* ratelimit-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)
* istio-rhel8-operator: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-cni-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)
* pilot-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)
* ratelimit-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)
* istio-rhel8-operator: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* istio-cni-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* pilot-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
* ratelimit-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
8.1 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
8.1 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 | — |
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 2.6.15\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 2.6.15, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n* istio-operator-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* pilot-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* ratelimit-rhel8: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel8: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\n* pilot-rhel8: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\n* istio-rhel8-operator: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* istio-cni-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* pilot-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* ratelimit-rhel8: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* istio-rhel8-operator: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-cni-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* pilot-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* ratelimit-rhel8: possible memory corruption after bound check elimination (CVE-2026-27143)\n\n* istio-rhel8-operator: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* istio-cni-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* pilot-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)\n\n* ratelimit-rhel8: no-op interface conversion bypasses overlap checking (CVE-2026-27144)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11688",
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27143",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27144",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-25679",
"url": "https://access.redhat.com/security/cve/cve-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-27143",
"url": "https://access.redhat.com/security/cve/cve-2026-27143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-27144",
"url": "https://access.redhat.com/security/cve/cve-2026-27144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-32280",
"url": "https://access.redhat.com/security/cve/cve-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-34986",
"url": "https://access.redhat.com/security/cve/cve-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11688.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.15",
"tracking": {
"current_release_date": "2026-06-30T05:54:59+00:00",
"generator": {
"date": "2026-06-30T05:54:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11688",
"initial_release_date": "2026-04-29T12:20:23+00:00",
"revision_history": [
{
"date": "2026-04-29T12:20:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T12:20:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:54:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 2.6",
"product": {
"name": "Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-operator-bundle@sha256%3Aeb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777381347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256%3Afb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777374598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256%3A127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319952"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256%3Ad05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777320087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256%3A099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319850"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256%3A2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319773"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256%3Af407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777374598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256%3Aa9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319952"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256%3A9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777320087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256%3Adc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319850"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256%3Adb7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319773"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256%3A8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777374598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256%3A04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319952"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256%3Afa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777320087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256%3Ad7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319850"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256%3Aed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319773"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256%3A55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777374598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256%3Ac8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319952"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256%3Aa7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777320087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256%3Ad9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319850"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256%3Abdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1777319773"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T12:20:23+00:00",
"details": "See Red Hat OpenShift Service Mesh 2.6.15 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T12:20:23+00:00",
"details": "See Red Hat OpenShift Service Mesh 2.6.15 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T12:20:23+00:00",
"details": "See Red Hat OpenShift Service Mesh 2.6.15 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T12:20:23+00:00",
"details": "See Red Hat OpenShift Service Mesh 2.6.15 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T12:20:23+00:00",
"details": "See Red Hat OpenShift Service Mesh 2.6.15 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:04b1ac41f2359886a4bd8c7103a45cc60397b69b7a79c18aa6124ebe09b2d9a4_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:127eeb73112e219027af60fc73f78b313ca4660b3a7c472bae711d7278d886a7_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:a9dbef80d591e7bbb95681fb19183858e309a53463ee83fd6da288261b531590_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/grafana-rhel8@sha256:c8f38b059dd071540e71a5d8ca7ccdd75650dd9d6b61163920bea03d8fede00d_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:55eff6f4571c6f9ac79071da166328cff43afe999364cf3a1b6428896ea65f01_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:8bb141f2442e991b11c3ae22a771f5f4b4c8de2f061430bcc66dc0d9fb0eb680_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:f407418a60bc916c97e83d02bb20686f830cc1669fedb9dd7da2e5aed1059567_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-cni-rhel8@sha256:fb4c5046d41ceb03b06a1cfeb6cd1e23800291fdfa63bc9f4d83a6d66319d815_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-operator-bundle@sha256:eb939796d4c218cf2dcb1f74452a4f1928076aed130b84a2cd7da07ffc24a929_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:9a557accbe2e00e916ee963375318b32904a7977db79c12c323de12fdfde0fc9_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:a7f0ac59b0f01e16a648e84611752884974f192ea6b59c36edc883662bee0145_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:d05d3c0323f54ba53fae5cd72ba80b352ebf4dc4140664515f3e004cada71aba_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/istio-rhel8-operator@sha256:fa2ddb85a7778159e908f8985dd249c1ade12999469c47705ea9ec421d63a865_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:099139a263a6ad38795c1fb9c0441289b630b2fa35925c022c4e75b541736717_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d7ce936cea6082357f4849eca746af432a4082d73f76146999cbf1bba3961751_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:d9d39f4355dc3467a8d5266516c9d6ef63d452d4e8e7e5f4fb7233f9fcec621c_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/pilot-rhel8@sha256:dc39732c6580eab197d18d3cf347ca4996cc3d6901024332ffdb09433a42e14a_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:2627fd45d7d117d3c3ea75cb1dfe8c013b2ae167faefc08053f4b794415f9ab1_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:bdc7508446fb198445811e678f91712f9b1d50c4e709bf65d9760ac8879937c4_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:db7c7d745d2f18ac440ae62cbaa4dbda49c842253e00a4a8d36e61f843789619_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/ratelimit-rhel8@sha256:ed56d6fb026e175877f9be146497802beb0c52bf35b11ebb3e7fce9f969f05f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11856
Vulnerability from csaf_redhat - Published: 2026-04-29 17:11 - Updated: 2026-06-30 05:56Summary
Red Hat Security Advisory: Red Hat Quay 3.12.17
Severity
Important
Notes
Topic: Red Hat Quay 3.12.17 is now available with bug fixes.
Details: Quay 3.12.17
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 | — |
Workaround
|
Threats
Impact
Important
References
50 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.12.17 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.12.17",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11856",
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11856.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.12.17",
"tracking": {
"current_release_date": "2026-06-30T05:56:20+00:00",
"generator": {
"date": "2026-06-30T05:56:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11856",
"initial_release_date": "2026-04-29T17:11:19+00:00",
"revision_history": [
{
"date": "2026-04-29T17:11:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T17:11:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:56:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.12",
"product": {
"name": "Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698050"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Acba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Adbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776698050"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ac5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Ae2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776888642"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aa696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aaf6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ad682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697488"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776798011"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776697568"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776887968"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ae7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776752646"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T17:11:19+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:53d2838548e77931e94f9bcd85e941fb694b28a3585d280ddcb761344d2845e6_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:65503333e10391dca7854bd07dc161288cc00b1a722533e42af1e2c4c3c0afeb_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:8185411ec370b562124ed94598c1dc5128f7b4eba2612d59a0b0b5c767a2a697_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:d682a5dd2a55034acfd3fe24b70526d1f514cf7e058aa51505d72537045cf3be_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:cba47e962ec1b6b6f68cea1b231e4a69f8e8ec25067b6e603ebeb268c9fc1ee0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2195b3586d18555507672ce46cbe7ca44fc89271217f4d10c4a0f709d63a2ad9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:4454746edc32128a37ab4be8b97c99b87fd8d85fc2199a2d80834ff72f9790d5_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b615e4d4f9d80660cd340c20df280f0387049f5940f7bb2812d2e3bf325a12f9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ff9ba83cb0a4505d9bfbd5b0826400b0d3685572e8f599a2813f1462c8a2c310_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:dbdd7ba0477474b50810b0950c8e50171b2327f81ad14ff02ba34cb69885cd45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:523a51c7c519af386cdaebb7e67971f0a05a7b31fb6683be852a291aada8201a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7ce1aebe1c0916ab52b66902127625b13c19231ffd67b24c8606a0131f19d4f9_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:8e02861c489702fb5b0ecb60c8b4e9bb6a14a5f026ceee9fee482891cf7dd61e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:c5fdf182c5b34b44e21971af93272ac07a2521c3d496b6d92c0a3a7afe3bd362_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:7551505ec9af37fd96ad9a226a475d3d7169eb7d861c4f45cd490ff1f0fae1d3_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:64b287be516147f19f83fe4ac93471de19a8bcc1e3489d7298b734ec26d45aab_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:943fe18122c39717e8874df366a9d8cb2e98572e62af6773445b6328b38b9b0e_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:af6903e508dc41730b05d855d363f53c0e8efcb327429b59cbca959a9cc6aaf1_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ee5eec8ed546799aa60d3181f45810632ce280a310a0f75fa847d8cfa0a7690d_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:e2e10580ca1783ac80ea08851c21f4accaa284951d7a909a59d3484ec3077163_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:0578be0cbc9bbbdd5bf86e5bbc15d1741f654af7149efdf184d300f6a3c0b86a_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:18da4574e93bb4cdf09757ad095257912cfdf8506546d83b2f705fbb9d067282_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:2a5eb683e47b2f8e1d02546ff6a640c984e71a9e657112243da082aea47d7af8_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:a696f5af8140d39bf5528d1efc1affab93050fb764c0e6d09c61f819375be139_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:3c87ef209deb488a3c37626273123280364972c155ae53d986fbc784bf219892_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:6af0be7e815a0c1db832025550381df8869a824393be8025d4cceb7e610619e9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:b64f0e80cebf4fe945fa945a9df2796c463cb3026a7cfd32e9ab2fc98528b7d3_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e7316f47c02a052e731b15ee00e9bb0ed4a9a1dd19f5b2423150e83ebcb010dd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11916
Vulnerability from csaf_redhat - Published: 2026-04-29 21:18 - Updated: 2026-06-30 05:56Summary
Red Hat Security Advisory: Red Hat Quay 3.10.21
Severity
Important
Notes
Topic: Red Hat Quay 3.10.21 is now available with bug fixes.
Details: Quay 3.10.21
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Threats
Impact
Important
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x | — |
Workaround
|
Threats
Impact
Important
References
59 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.21 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.21",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11916",
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11916.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.21",
"tracking": {
"current_release_date": "2026-06-30T05:56:22+00:00",
"generator": {
"date": "2026-06-30T05:56:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11916",
"initial_release_date": "2026-04-29T21:18:39+00:00",
"revision_history": [
{
"date": "2026-04-29T21:18:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-29T21:18:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:56:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.1",
"product": {
"name": "Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Adb1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776785871"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Aa85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776785891"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776706008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777303274"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Adcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aa39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776784548"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1777302567"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Abf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776736910"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-29T21:18:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:0a65832e2056a4f317afc7aaffa870418a67a5c8216787469d5845e7b9e1da56_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:62c33fd8160ec9f5ca795496c302f9ab708167a784f56422705e42a73eaa69fc_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:77f795c922f07ccdb237e98bc0184c2b63e640bb9fb71c183b00ece2d4d423f7_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:a85190ee795f8fa1e9324af5e0af259ab69fa3a05272a5bb5f4076d372fd5fd1_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:2aa45808282b59093c37870eee91e90f3ea0f5505a2c3081044426afc1b24c43_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:57a8db4bfcc0f507fc46e9e0f379bb85558431940861d5ccf7d67c28b4ce70d6_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:628fb2f45f9ae0a1f7ade369ddb11aaf19e849914df3e1602a72bbd747c39403_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0349e3a25a20874671f34ded49ea0a692a4ccff726ae9a7c212134edd5684aa6_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:3ef001da349fb2880c5b4c7b2b480d84497d2d7b06d5f88b434a5867b15831ea_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:762a843c527f3eae162e4bedee20f88b2df2919499bc07ee156ed6e575673a2b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:9d564610e1019680260e701955356a2fbd14de32a46506128208c1ebc6771e0e_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:db1bd588d96d3eff25fce96b0e6d78d042b6041b0bb31a64f4683df65b3af5e3_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5845f4f7c9d013682cf2605a766aeb698e41934f85e3cf4f40a39f95036d2778_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7e32adf6e8872a6b867d64020b03c1ed4ecbb4079539c3f66e85a595704b008d_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a39cdaf818b6cc9fcb1c780a82c39b1f8d7f00dcb5f4ecdf5795cd7452f56203_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:77dbe735cb007c4cb31d0d01e26aa46f7014ea4089b72630d206526605b78e52_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:489446f0c5a57d9d6bcdb7b0ccba2db6c5f961693bc0c95cda02a6ee52a718ae_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7c05bf2bab975c345fbb1f54c74ce00b512a7780262087ffeb5e18e39d357e2e_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:bf747665d8f980936633273351381207f0db7e5a920f6c1745dd1282f9a7a7a7_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:1f42a9088fd931804a16d6170c2d65a1a49b2433e906d3e3ac59f5169793ae8d_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:82890320e84c3be368d5f7e4b76fb99d6a20340cd5c3b2809e3e23cabc76bc7b_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:dcf424eb353016ba6d2751052099542b330f99ea8ee0540431e50a8df5628263_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:11996
Vulnerability from csaf_redhat - Published: 2026-04-30 01:20 - Updated: 2026-06-30 05:56Summary
Red Hat Security Advisory: Red Hat Quay 3.9.21
Severity
Important
Notes
Topic: Red Hat Quay 3.9.21 is now available with bug fixes.
Details: Quay 3.9.21
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
No description is available for this CVE.
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a "slice bounds out of range panic", resulting in a Denial of Service (DoS) for the affected application.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.9.21 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.9.21",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11996",
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27459",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32286",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4427",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11996.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.9.21",
"tracking": {
"current_release_date": "2026-06-30T05:56:22+00:00",
"generator": {
"date": "2026-06-30T05:56:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:11996",
"initial_release_date": "2026-04-30T01:20:06+00:00",
"revision_history": [
{
"date": "2026-04-30T01:20:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-30T01:20:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:56:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.9",
"product": {
"name": "Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776963375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ad201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956601"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705943"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1777328140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aa0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ab8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ad18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776962931"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776956008"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ac2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1777327525"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Abad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776705534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776908959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1776782369"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4427",
"discovery_date": "2026-03-18T14:02:19.414820+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4427"
}
],
"release_date": "2026-03-18T13:00:31+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
}
],
"title": "github.com/jackc/pgproto3: pgproto3: Denial of Service via negative field length in DataRow message"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27459",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-18T00:01:41.404915+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448503"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pyOpenSSL. The set_cookie_generate_callback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a fixed-size buffer provided by the underlying OpenSSL library.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyOpenSSL: DTLS cookie callback buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when an application using the pyOpenSSL library provides a custom callback to the set_cookie_generate_callback function. For the buffer overflow to occur, the callback function must return a cookie string or byte sequence longer than 256 bytes, limiting the exposure of this issue. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27459"
},
{
"category": "external",
"summary": "RHBZ#2448503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst",
"url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408",
"url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"
},
{
"category": "external",
"summary": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4",
"url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"
}
],
"release_date": "2026-03-17T23:34:28.483000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "To mitigate this flaw, ensure the callback provided to the set_cookie_generate_callback function strictly limits the returned cookie string or byte sequence to under 256 bytes.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyOpenSSL: DTLS cookie callback buffer overflow"
},
{
"cve": "CVE-2026-32286",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:59.226117+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the DataRow.Decode function within the github.com/jackc/pgproto3/v2 component. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message containing a negative field length. This improper validation of field lengths leads to a \"slice bounds out of range panic\", resulting in a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The PostgreSQL server multicluster-globalhub-manager connects to is either provisioned by the operator itself or specified by the admin managing the deployment. To successfully exploit the vulnerability in this context the attacker would need to compromise the operator-deployed PostgreSQL server to force a crafted malicious DataRow message or they would need to have the privileges required to modify the operator-provisioned deployment or configure globalhub-manager to use a compromised/malicious \u201cBYO Postgres\u201d server.\n\nThe first scenario (compromising a legitimate PostgreSQL server) would change Attack Complexity from Low to High resulting in an adjusted CVSS v3.1 score of 5.9 (Moderate)\nThe other scenarios (manipulating the operator provisioned-deployment or configuring the globalhub-manager to use a malicious server) would maintain AC:L but would require privileged access. This would change Privileges Required from None to High resulting in an adjusted CVSS v3.1 score of 4.9 (Moderate)\n\nBased on the above the Impact Rating for multicluster-globalhub-manager-rhel9 is Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32286"
},
{
"category": "external",
"summary": "RHBZ#2451847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32286"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4518",
"url": "https://github.com/golang/vulndb/issues/4518"
},
{
"category": "external",
"summary": "https://github.com/jackc/pgx/issues/2507",
"url": "https://github.com/jackc/pgx/issues/2507"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4518",
"url": "https://pkg.go.dev/vuln/GO-2026-4518"
}
],
"release_date": "2026-03-26T19:40:51.974000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgproto3/v2: github.com/jackc/pgproto3/v2: Denial of Service via malicious PostgreSQL server"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T01:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:9830eae6b8589e5a4a2e50d201a33f6e9b64ac3b04d7d045d7fd812609fde97a_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b8f34f08a7a695f6ccf9b88e6c2ce1f1cae76f98d9005588424b0ef8a58f4549_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:bad2d6be0381249da08576fc6e733dd51cb30a0997b17b512c19a39b0e30df08_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:d201aa07519a56ee384d8ce004ff97ff4dcade74fed273dd5e731a0ce249c021_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:6a8c24949c45070e83a5d492e7235969b2a241a37649baea8d8af48d8444f0db_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:787fc4e689380b857b2a4e62d2950952f97117b65cd84d033f2e8e8e9b28ef19_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:78aeb71e263279f23deaacb546676aa3739365e6581b3a2d8f1846339ec68f6f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8b22279c558993df180f6dce49f37a429804031963185415d70eafe4af1d5875_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:1b9ba50e0ed691c3f38bbfa1c979ad91ffbc618fea4ee91748412d941c53a5da_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:84a239c3762ffa42bde673f5e6715acabcafa67122ad8684b9c6672fc1300cea_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:c2d65b2417e8c05886b3cb50c7696ae83e04418aebc4dc6f6c96ecebe39991ac_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:9b37a43bac0c38e9b7debf427890b9b664d93b2ccd8c4298e860b7ee89ee3c43_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:6e0d179df39acec2ac05188366be788a84d35613145c24054a90656712108fe5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a0d02b6a2c597aa278b5b512185ffc0dde7ea1769e1178907cd0dbe5b739309b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d18d9c62d72faf3bf5388fa994dfe715a5f46d3a7ea5042952de7f1a750f297e_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:637054b16092a2f972f7da7c1d47c00f5f2ca670b464374d68cbeabd25db3889_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:048a42a26c19cbc973e36284a7a80018af580c97d7046bfc513e7cdfae45292f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:132c4a7071f70729f971e7c258a60c8b2c6d6427adae3014acdb066fb3415cbb_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:3ae36f520f4560f23b7b4ecbe24fd9bfb6dc3199aaa0bed38dec7c381e5b4067_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:2c3c6f149c673cfd68cb5cc62f75bb75480a8d4f4470a7de93191bca1cc0f253_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:593f1bf28190a411fde00fc5bedf5ca4059b0213b7c3e6455c205aa18ad7d7d5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:9ad34f2c10bd76352bd771579118ffdcc2a2138a0d1aecae4867b5772cd56814_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:12116
Vulnerability from csaf_redhat - Published: 2026-04-30 06:52 - Updated: 2026-06-30 05:56Summary
Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.2
Severity
Important
Notes
Topic: Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.2 General Availability release, with updates to container images.
Details: Assisted Installer RHEL 9 integrates components for the general multicluster engine
for Kubernetes 2.10.2 release that simplify the process of deploying OpenShift Container
Platform clusters.
The multicluster engine for Kubernetes provides the foundational components
that are necessary for the centralized management of multiple
Kubernetes-based clusters across data centers, public clouds, and private
clouds.
You can use the engine to create new Red Hat OpenShift Container Platform
clusters, or to import existing Kubernetes-based clusters for management.
After the clusters are managed, you can use the APIs that
are provided by the engine to distribute configuration based on placement
policy.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace. The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode. Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.
6.1 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x | — |
Vendor Fix
fix
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64 | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x | — | ||
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le | — |
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64 | — |
Workaround
|
|
| Unresolved product id: multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x | — |
Workaround
|
Threats
Impact
Important
References
21 references
Acknowledgments
Red Hat
Omer Vishlitzky
Nick Carboni
Riccardo Piccoli
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.2 General Availability release, with updates to container images.",
"title": "Topic"
},
{
"category": "general",
"text": "Assisted Installer RHEL 9 integrates components for the general multicluster engine\nfor Kubernetes 2.10.2 release that simplify the process of deploying OpenShift Container\nPlatform clusters.\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds. \n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters, or to import existing Kubernetes-based clusters for management.\n\nAfter the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:12116",
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-7163",
"url": "https://access.redhat.com/security/cve/CVE-2026-7163"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_12116.json"
}
],
"title": "Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.2",
"tracking": {
"current_release_date": "2026-06-30T05:56:23+00:00",
"generator": {
"date": "2026-06-30T05:56:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:12116",
"initial_release_date": "2026-04-30T06:52:26+00:00",
"revision_history": [
{
"date": "2026-04-30T06:52:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-06T19:56:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:56:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.10",
"product": {
"name": "multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.10::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773487346"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949906"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776351169"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776983527"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3Af11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773487346"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3A6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949906"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3A2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776351169"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776983527"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773487346"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Ae1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949906"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3Ab6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776351169"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3Af0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3A07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776983527"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-image-service-rhel9@sha256%3A3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1773487346"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel9@sha256%3Aa12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949906"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel9@sha256%3Abfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776351169"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-controller-rhel9@sha256%3A12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776949909"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x",
"product_id": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-service-9-rhel9@sha256%3Afe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776983527"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Omer Vishlitzky",
"Nick Carboni",
"Riccardo Piccoli"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-7163",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2026-04-27T04:18:06.534000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463152"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. \n\nThe credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace.\n\nThe affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected.\nThis issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode.\n\nSuccessful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "assisted-service: assisted-service: Authenticated users can gain administrative access to OpenShift clusters via credential disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability affecting on-premises deployments of Multicluster Engine (MCE) and Red Hat Advanced Cluster Management (ACM). An authenticated user with namespace-scoped privileges can exploit a flaw in the `assisted-service` REST API to retrieve administrative credentials for OpenShift clusters provisioned through the hub. This grants unrestricted root-level administrative access to affected spoke clusters, stemming from the `AUTH_TYPE=local` mode\u0027s unconditional administrative access with a valid local JWT, which is exposed in plaintext.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-7163"
},
{
"category": "external",
"summary": "RHBZ#2463152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-7163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-7163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-7163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7163"
}
],
"release_date": "2026-04-30T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T06:52:26+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.15.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "assisted-service: assisted-service: Authenticated users can gain administrative access to OpenShift clusters via credential disclosure"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T06:52:26+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.15.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T06:52:26+00:00",
"details": "For more information about Assisted Installer, see the following documentation:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#cim-intro\n\nFor multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro\n\nThis documentation will be available after the general availability release of Red Hat Advanced Cluster Management 2.15.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:3f59623b74897f179a86165b21baad080d562b3acaeb44316273078002b02219_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:448b0ebba6b79d15613a0e77929c44006bced1bab7c1394e8ee50783275f082c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:786b3e50adeca379bf6e1a8ceeddc8bef235dfdbacc1caa77d0c1903c1069569_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-image-service-rhel9@sha256:f11864d3c913d54cbbfdffdf2dd138c8fb43998128d1319cf29c4c731f2f2c73_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:2015da323dfa9350f4192cce4d835c6a156041ebb8f13e3974e86cd8a0ac1114_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:57d6348d03788f7776f78f1ef75cf2cca02a3cfc9a562dd2d34ec00c30c3b25d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:b6327e916068ceddbce6e1e64d89d0fe6501eaf7db702fd883ddd67412e35dc6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-agent-rhel9@sha256:bfe5610b8d03fc7a9130d5e7b6dc7a9ac63903e2a21103ecc4d0ff1419eedc74_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:085d4698e4eb08202f1f9f1e6a85a3b0251a5d185ca9c9f4b77612640dd4fb54_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:12c01eb1e7b49ed43c86679afeecfef474dcb2dda051da83df825150fe910b6f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:52b698386cf12b8423f3af3e27f25455e5bf248b8ed3b2713eca37ed64a78c2a_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-controller-rhel9@sha256:f0ba1bf837f9f7f8db43b9597c49348b17f33d784129571f9f9646d5f6f4ac5c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:6d7a77accd0f6c9eb52245c5f5b461be4522e251f35e90aec52b0f29ea81873a_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:7a73a376c4cca97ac7e80feade1fc2e652a31982967da489000c86fe810ab823_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:a12f7d2451e297af33630d51d94b2ecba37747e50a33f7cbb7f5c267e63e7258_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-installer-rhel9@sha256:e1e9c33da21dc580cb93da748a4a22547a05b11fa33a97a744baebf26f351153_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:07ff3070b9860ada744508a2a1710014c23f7f44a1ac8547c8885368d79baee3_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:3774f8be3f1a4ca6a46aa3aba3ed6135dcd90ef0985f9b16e46b8b00e92f8e17_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:73f20e3ce70608c606eeddc39e8dbd08747d0d27b4d6d84aaeddff8b32aaa3a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/assisted-service-9-rhel9@sha256:fe73f932f408abfa6bed69664b73af371bb2a58e94a5da43491a65eeee774252_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:12277
Vulnerability from csaf_redhat - Published: 2026-04-30 11:25 - Updated: 2026-06-30 05:56Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20.10 security, enhancement & bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Data Foundation 4.20.10 security, enhancement & bug fix update
Details: Red Hat OpenShift Data Foundation 4.20.10 security, enhancement & bug fix update
FIXED BUGS:
==========
DFBUGS-6171: RHODF 4.20.10 release
DFBUGS-6016: Backport to odf-4.20.z [GSS] No public access to buckets after ODF upgrade to 4.20
DFBUGS-5941: Backport to odf-4.20.z [External Mode]: noobaa-default-backing-store is in creating state due to "CheckExternalConnection Status=UNKNOWN_FAILURE Error=SELF_SIGNED_CERT_IN_CHAIN"
DFBUGS-5818: [Backport to odf-4.20.z] [IBM_Support][Fusion HCI]"storageclient-xxxxx-status-reporter job" doesn't inherits the tolerations defined in "ocs-client-operator-controller-manager" deployment
DFBUGS-5801: [Backport to odf-4.20.z] must-gather causes default RGW pools to be created and PGs to be stuck at 1
DFBUGS-5115: [csi] Handle race conditions during relocate/failover of RBD based workloads
DFBUGS-4747: Unable to select NAD from dropdown list when creating storage cluster when using Multus
CVEs:
==========
CVE-2026-4800
CVE-2026-34986
CVE-2026-33186
CVE-2026-33036
CVE-2026-27942
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
8.1 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 | — |
Workaround
|
Threats
Impact
Important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Data Foundation 4.20.10 security, enhancement \u0026 bug fix update",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation 4.20.10 security, enhancement \u0026 bug fix update\n\nFIXED BUGS:\n==========\nDFBUGS-6171: RHODF 4.20.10 release\nDFBUGS-6016: Backport to odf-4.20.z [GSS] No public access to buckets after ODF upgrade to 4.20\nDFBUGS-5941: Backport to odf-4.20.z [External Mode]: noobaa-default-backing-store is in creating state due to \"CheckExternalConnection Status=UNKNOWN_FAILURE Error=SELF_SIGNED_CERT_IN_CHAIN\"\nDFBUGS-5818: [Backport to odf-4.20.z] [IBM_Support][Fusion HCI]\"storageclient-xxxxx-status-reporter job\" doesn\u0027t inherits the tolerations defined in \"ocs-client-operator-controller-manager\" deployment\nDFBUGS-5801: [Backport to odf-4.20.z] must-gather causes default RGW pools to be created and PGs to be stuck at 1 \nDFBUGS-5115: [csi] Handle race conditions during relocate/failover of RBD based workloads\nDFBUGS-4747: Unable to select NAD from dropdown list when creating storage cluster when using Multus\n\nCVEs:\n==========\nCVE-2026-4800\nCVE-2026-34986\nCVE-2026-33186\nCVE-2026-33036\nCVE-2026-27942",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:12277",
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27942",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_12277.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20.10 security, enhancement \u0026 bug fix update",
"tracking": {
"current_release_date": "2026-06-30T05:56:25+00:00",
"generator": {
"date": "2026-06-30T05:56:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.0"
}
},
"id": "RHSA-2026:12277",
"initial_release_date": "2026-04-30T11:25:14+00:00",
"revision_history": [
{
"date": "2026-04-30T11:25:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T14:12:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T05:56:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Openshift Data Foundation 4.2",
"product": {
"name": "Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.20::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Openshift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256%3Adfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822432"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256%3Ab16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"product_id": "registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256%3Af399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421513"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"product": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"product_id": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256%3A7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"product": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"product_id": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256%3Ad0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404009"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"product": {
"name": "registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"product_id": "registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256%3Abfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"product_id": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256%3Acbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"product_id": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256%3Ae6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"product_id": "registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256%3Ad9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421528"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"product_id": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256%3A7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822689"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"product_id": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256%3Af6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"product": {
"name": "registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"product_id": "registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256%3A4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421520"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"product_id": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256%3A7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"product_id": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cloudnative-pg-rhel9-operator@sha256%3A277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"product_id": "registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256%3A09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406770"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"product_id": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256%3Aa1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256%3A1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256%3A4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421532"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256%3A6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"product_id": "registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-dependencies-operator-bundle@sha256%3Ac3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-rhel9-operator@sha256%3A854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-operator-bundle@sha256%3Aeae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-sidecar-rhel9@sha256%3Abd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"product_id": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256%3A4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406771"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"product_id": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256%3Ad56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"product_id": "registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256%3Ac0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"product_id": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256%3A9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"product_id": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256%3Afd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406595"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"product_id": "registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256%3A10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421541"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"product": {
"name": "registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"product_id": "registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256%3A20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421546"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"product": {
"name": "registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"product_id": "registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256%3A70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421554"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"product": {
"name": "registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"product_id": "registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256%3A3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421565"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"product": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"product_id": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256%3A6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"product": {
"name": "registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"product_id": "registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256%3A7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421558"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"product": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"product_id": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256%3A7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775823207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"product": {
"name": "registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"product_id": "registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256%3Ae7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73?arch=amd64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776421567"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256%3A1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822432"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256%3A2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"product_id": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256%3A5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"product_id": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256%3A1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404009"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"product_id": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256%3A459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"product_id": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256%3Adbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"product_id": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256%3A55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822689"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"product_id": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256%3A33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256%3Abd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cloudnative-pg-rhel9-operator@sha256%3Ab2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256%3Ad669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406770"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256%3Ac8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256%3A52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256%3A28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-rhel9-operator@sha256%3A64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-sidecar-rhel9@sha256%3A156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256%3A902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406771"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256%3Ae9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256%3Acbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"product_id": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256%3Ab196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406595"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"product_id": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256%3A28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"product": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"product_id": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256%3A57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775823207"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256%3Adb57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822432"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256%3Af9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"product": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"product_id": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256%3A411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"product": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"product_id": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256%3A326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404009"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"product_id": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256%3Adfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"product_id": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256%3A6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"product": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"product_id": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256%3A99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822689"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"product": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"product_id": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256%3A290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"product_id": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256%3Ab6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"product_id": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cloudnative-pg-rhel9-operator@sha256%3A94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"product_id": "registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256%3Ae238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406770"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"product_id": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256%3Ad219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256%3A0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256%3Ac7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-rhel9-operator@sha256%3Ad6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-sidecar-rhel9@sha256%3Ac809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"product_id": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256%3Abbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406771"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"product_id": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256%3A214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"product_id": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256%3A00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"product": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"product_id": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256%3A7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406595"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"product": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"product_id": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256%3Ae2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x",
"product": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x",
"product_id": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256%3Ab388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429?arch=s390x\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775823207"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256%3A6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822432"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"product": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"product_id": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256%3A54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"product": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"product_id": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256%3Aea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776403991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"product": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"product_id": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256%3A40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404009"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"product_id": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256%3A8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404539"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"product": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"product_id": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256%3Af567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"product": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"product_id": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256%3A6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775822689"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"product": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"product_id": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256%3A3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776404131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"product_id": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256%3Aefe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406225"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"product_id": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cloudnative-pg-rhel9-operator@sha256%3Af72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406131"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"product_id": "registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256%3A4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406770"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"product_id": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256%3Abd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406247"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256%3A663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"product_id": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256%3A9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-rhel9-operator@sha256%3Ad8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406284"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"product_id": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-external-snapshotter-sidecar-rhel9@sha256%3A31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406291"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"product_id": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256%3A45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406771"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"product_id": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256%3A6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"product_id": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256%3Af383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"product": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"product_id": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256%3Afc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406595"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"product": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"product_id": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256%3A88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1776406594"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"product": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"product_id": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256%3A74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e?arch=arm64\u0026repository_url=registry.redhat.io/odf4\u0026tag=1775823207"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64"
},
"product_reference": "registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x"
},
"product_reference": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64"
},
"product_reference": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64"
},
"product_reference": "registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64"
},
"product_reference": "registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x"
},
"product_reference": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64"
},
"product_reference": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64"
},
"product_reference": "registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64"
},
"product_reference": "registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64"
},
"product_reference": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x"
},
"product_reference": "registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x"
},
"product_reference": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64"
},
"product_reference": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64"
},
"product_reference": "registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x"
},
"product_reference": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64"
},
"product_reference": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64"
},
"product_reference": "registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64"
},
"product_reference": "registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64"
},
"product_reference": "registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64"
},
"product_reference": "registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64"
},
"product_reference": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64"
},
"product_reference": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x"
},
"product_reference": "registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
},
"product_reference": "registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le"
},
"product_reference": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64"
},
"product_reference": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64 as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64"
},
"product_reference": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x as a component of Red Hat Openshift Data Foundation 4.2",
"product_id": "Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
},
"product_reference": "registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x",
"relates_to_product_reference": "Red Hat Openshift Data Foundation 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"known_not_affected": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T11:25:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.20/html/updating_openshift_data_foundation/updating-ocs-to-odf_rhodf",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-27942",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-02-26T03:01:53.367202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A user can exploit this flaw by processing specially crafted XML data with the XML builder when the `preserveOrder` option is enabled. This can lead to a stack overflow, causing the application to crash and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw affects the XML builder component of the fast-xml-parser library and is triggered only when the preserveOrder option is explicitly enabled. In Red Hat\u2013shipped configurations, this option is not enabled by default, and the vulnerable code path is therefore not exercised under typical deployments.\nThe underlying issue results in uncontrolled recursion leading to a stack overflow condition, which causes the application to terminate unexpectedly. While this can be triggered via crafted input, the impact is limited strictly to denial of service (DoS) and does not provide a mechanism for arbitrary code execution, privilege escalation, or data disclosure.\nFurthermore, exploitation requires that the affected application processes attacker-controlled XML input through the XML builder functionality with the specific vulnerable configuration enabled. This significantly reduces the attack surface and introduces environmental constraints not considered in the generalized NVD scoring.\n\nGiven the absence of confidentiality and integrity impact, the requirement for non-default configuration, and the limitation of the impact to process termination, Red Hat considers the practical risk to be lower than the NVD assessment. As such, this issue is classified as Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"known_not_affected": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27942"
},
{
"category": "external",
"summary": "RHBZ#2442938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27942"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/c13a961910f14986295dd28484eee830fa1a0e8a"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/pull/791"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-fj3w-jwp8-x2g3"
}
],
"release_date": "2026-02-26T01:22:11.383000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T11:25:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.20/html/updating_openshift_data_foundation/updating-ocs-to-odf_rhodf",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, configure applications using the `fast-xml-parser` XML builder to set the `preserveOrder` option to `false`. Alternatively, ensure that all XML input data is thoroughly validated before being passed to the builder to prevent the processing of malicious or malformed content.",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"known_not_affected": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T11:25:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.20/html/updating_openshift_data_foundation/updating-ocs-to-odf_rhodf",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"known_not_affected": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T11:25:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.20/html/updating_openshift_data_foundation/updating-ocs-to-odf_rhodf",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"known_not_affected": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-30T11:25:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.20/html/updating_openshift_data_foundation/updating-ocs-to-odf_rhodf",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:12277"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-operator-bundle@sha256:f399b7669f82d8c7261202abec0cbfd3b2fac76709a70fb2a513b4b11fade258_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:2cebd0dc24a731f2c2d33a7b1930d9bf65845ab83817775d378c07630a1e55c1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:54beb2645e89c0ad54c9d454cf9976bbdbe8d39f7de7087a99d7a5a0fa8db535_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:b16e684d89de40f241e55d95da5f4fccc66822a660e5acd3be981b71b5057702_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9-operator@sha256:f9b729a5ea810214412e82fab3bfe36602f6cba9a07e6eb0bc2032c5dc556e17_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:1838b85d294f260d3cbbcdeabb19bcd0c3fb1f0ce31c5676dfa48b10ad8d59b7_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:6dbbc46f47994ad8bcf29f040b64a9b9c17c161ba9babfea3ce1c8a15fec32af_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:db57ed5bd968276e033a68a90f369dd41708dc6404db38c1d9b2a07a8327499a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/cephcsi-rhel9@sha256:dfdf81ab0ca1b4c8155b8b37db728aa37c3b708e8621995da9cbd576086954c3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:411aa11f920b73eb4cdf4afa7948e5e3bd161e4f8068b8349025368ee0806013_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:5516d05155406fa1183a4f913d420ec8c382b6aeeba2c69c0184dbdf78e95eb1_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:7248ed40e12d7fb5881f9d76aa01ea43a3095c9ecac5854303f732043ada3917_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-core-rhel9@sha256:ea7c225e4acb2eec25cb48e6068c08ae077beee67458ae58e3465851940fd81d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-operator-bundle@sha256:bfaf01516833acaf30eb30165f66687f122fa5fa5a66d87ff623a5c9eda9faf3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:1ed70f06ed113964103868d57e983e06f1473500040d2d6c0a5bd27e2385bf7f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:326f6201fe88992855a8f945f4c40f62d1a2e8fb83c38cb77b769b2889627f4e_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:40b71d0ac98a372943219f0a138dc08d7f4e6d3c4337e0787463f86b4bb28c07_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/mcg-rhel9-operator@sha256:d0645cfddaf15cbb47ea1755ea118e607f11b4f32ab3fb4f87c53b52de7bbcdd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:459ee750a0ab1209540ad9c09b090beffd5da246aeb7171993c7812652cfd82e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:8427b24d33a5f1c51e1314194be758c501be31b0b5ec53f256871a0d8dc82621_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:cbdb7a6550b3723f7dfcf5abfae878860c6101df8a6429a596c5a0c58486c3bd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-console-rhel9@sha256:dfc04028f84b17339c8950c890bd27f55169e3aa60b9555fea15f2c2cb720c1b_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-operator-bundle@sha256:d9dfc4f0b824dc259a0b53d143446a67a9356dc28cfd78e3e3ed452b24b98e5f_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:6bcaee8923f89346dad8e9830cf17e115c86668525f644d11fbaf9608b4df9fc_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:dbf5873f3b7025e31a09a502da82a0c2a49ffd636c2f1186a418b1b327c3e30f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:e6fc86165dcd9f9239f11d7792cf51e84275091b7864c7b3cb24f23a33f5aa2c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-client-rhel9-operator@sha256:f567517ba81297b4be348c9fe9960d14b758ae2fb7b0c7d38389b05bc445f86b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:55c1db11abb65030a27ace0692b24ac91d591fe7279cc699647bb7e47377ee46_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:6df05909b32cea6072f7e93f62ea6092dd6644505b7c377a41b7eafddd98e957_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:7d523dd4c352ef043c07f9810123e6b47e742f397bdb9b1cc4e08023b227914a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-metrics-exporter-rhel9@sha256:99d3ef22e7c1fb683d763fedea4c717cc76179d842d87cfc4c4d785c079d100a_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-operator-bundle@sha256:4d9bae0cd399ae2f3abdc4f6dc53eca6c71fef9c7d921eb39b9d3f97ecad35f1_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:290886aae2f0bbc4e6f1f467a0e0d3c97b0dc9b58a69790e03a89e4f48313a84_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:33524dbe3e6a8ea5a4573f54ac87c9333a321957e2dc8ed5b2ed4fb243e27415_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:3acdc5008849e5bb20a2406aa528404a2a4eec7a89fff16f12ee8cd23c87d036_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/ocs-rhel9-operator@sha256:f6300b99193451cddf3ebb85d90bcffc7987cc7979e7769129e8a71bcc0d483d_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:7bb28eb1a25ac829ea643483baabbafa2ea112c17120a4c53282dd0f97ca63ba_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:b6b6acd8570515bccb7c0cf73f27ad5a05e1f7f345b70103a8b3d85b5ae6ca50_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:bd30dd3c0f10a7419e36a029680d10d6f721e15ea33cc4ea4d3cc41a287ece36_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cli-rhel9@sha256:efe81953f21b32ba1b29eaa92d2244dab0a9ea284ddf7aacc61e74100585aa02_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:277d1eaae6422e7f41455d99758ab29c46c4821fc8cd86bf10926aab6d951a2e_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:94a3152a0b5e36e451eeaa5ea7c4e3809e36c5c00c18374f735cbed8a1822afe_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:b2f540a01874e37e654d6fd6b3b82cf44e5b1f2b082204d7acd6238e342967d4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cloudnative-pg-rhel9-operator@sha256:f72bfba5f4053f1b391f7685dc9ee695730fd31e0bde1eea71eb06e4c6d4cf31_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:09ca4236d6a93ebd832a34c1dbe7d0573ca3ebc59cf8dcc022a8f488621563d4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:4d6fa3682bb01bd64a39783effb46db3b89c36a7d7c7f3e7823aa16e1e0cd72d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:d669926876f84572caa5a621f7ee9235b1053c45de194b7860b2e1395ebc8082_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-console-rhel9@sha256:e238ac1267655df4fd45ebc66439868db43eeaa5bc433b3dfde5cc22b2a20232_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:a1fcec9d7bf0f9a8b45b1c09e1ff1243b7ee38b84ed2871e51cd0aba73d70ad5_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:bd3d9988d56a356ce751aa23a13629b040c6a640510a62d9f44ba2ec6638f42b_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:c8f37c4f2c9b9514dfbbd9c8b9750e4e9ca88dfff344f9cc1157906d5629e6c0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-cosi-sidecar-rhel9@sha256:d219427149a475f140e807b8857be4f02e36f8d50cf18efa6261f96d644f0fb7_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-operator-bundle@sha256:4d780ab20b7998b60929a666468ffc046d4666403abfcfc01dd7b5b614d42890_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:0ace2dc69d65bfc51b7880e7941c074b042ce0c9a49f34206ae8ed3b7a1cb025_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:1e3aa2c95f6f35c8e8b9b39c5be3d3973d5286670753f6512681c138ef607dd3_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:52cba988a8921d60c6df8696ade7fd4d1821bfae7413c1954c66c7d2d468950f_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-rhel9-operator@sha256:663d9f1fb160f3decbe4632c10d7bcc9d5199e16f4852b04c5ff0c6664dcf3a6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:28e0cdc61c5a12d138e66fc6bdb4ea0030caa5cb8b034b76ea67bba2b5048dd0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:6a887845fef9147f78cfc7b4f1fba122ffefa12752946dee511125f0c0b55596_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:9de6f10311e67ba6bde3fcf931f9897eaeb57ff913347e5de56395325996fb1d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9@sha256:c7ca47572158a28244b3d7499e34dfcbc594fd33486d04a874208ea5ad89e9a9_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-dependencies-operator-bundle@sha256:c3501a4b1fd5e64bad66d33ad935dce0fcf0ce3f93a675307de24e9d28acec62_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-operator-bundle@sha256:eae7a90a03414eef2ab3362a25b4b9d413e538a4eef7d47dc280de5debad8199_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:64cdfd8f4b7c842b988a11903cdfaeb4baa2d2f12fedaa096e6ffc94030a77ad_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:854c6d155c6442c99aec35ceb552235987d1de7756b2d9c72b206665bb01e205_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d6c2411860abc7384d952eed842f476458f3b39390135265b9a06cbc1ac60a35_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-rhel9-operator@sha256:d8ff504a5f6ca122aa77e14747f84a83e364cc66bef41b15c74728aca04eadcb_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:156811bdba65e7ced33bb7d3ff71506d1d78c2e2f0fda3bdd01accbb094acda6_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:31bb2758db9da44709ba59570e808b82a3458addfa513099523bc7133bbad7f6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:bd3a127dfadd64db95256b3f3f59367b4c96a55a9eea8e1a8f43e9275a182db6_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-external-snapshotter-sidecar-rhel9@sha256:c809f04640fa5e6c5fc8e9f790aff4815970858c8ca602c3d4df8d8419938b72_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:45b498b5de373bf3a7101d76934b3f76408622a7685cbd95eef95cb11fe19bda_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:4646ea21ea9ccc878d00b2e80a0907b86f1f040e33e3eedbf73f00fca30f6afb_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:902d24cabb545dd2c3733f9e581a667e42d9c037e1b36ced286bbd33a96a72e0_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-console-rhel9@sha256:bbeff98f4b1ea5cdcf1caa48e4c4a4759f26bd842419504e5b1c8052ec3f15d4_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-operator-bundle@sha256:c0769c4621ab8938cfb2b944667688672f91b876b7ef18049c3d3747bc18387a_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:214f23d8bf8f2bb65d5acabed9e472273e2c1a7f491bc4a1160be00271c4d490_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:6386865e6ae9af348a73037f84f6e54966db2dae7d92cab9a60e4a84c41a4d8d_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:d56bc824fa29256432ee11bcfe8f02470ea26426325e051999850c060924b303_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-multicluster-rhel9-operator@sha256:e9c762bc0f9d434b26c6b3bcbda8497ece5fd4950175ad5cf2a5644d6ec107f4_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:00f2a47ffea5073c05243284e5ca20ac857dd32a26dd56accb1a56582dc76932_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:9f35ca7b6fa656d736212c67542a90e2ae8c309ae12022069bac2b2e15485e3c_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:cbe10b9fcd98c5f0664d8da1721d5b1f5716f56235b787644ff679c8c7cf5e90_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-must-gather-rhel9@sha256:f383e1eee810782738f72ef20199b4aeed135a0b212a3d2643fa819ae22c8fb4_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-operator-bundle@sha256:10e60baa58116db95e0e3b6c40dae2cac88f4644a3eaf97c083a75e902b17efd_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-prometheus-operator-bundle@sha256:20c6adec557c3cd67cb1d12045f6f5fa7e963c55a7d46b4ef71787dfcc5f57f2_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:7ce08cf45e20158ad659f4bdb6dbb6484a571b80d527d5c45c9c084e9e952561_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:b196a7facda4b3f566f24b5db7df494fb0d82f0dc5b5f9afa5cd133e01db5e3e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fc4aac367b91ca2b4f32ee35a65c6253b56cf46a1a5e306751c9c2202d38e9e6_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odf-rhel9-operator@sha256:fd0fb5a3115891a4dcf5490c0367b39881a6b61ad88a79296db1244d7e6004ef_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-cluster-operator-bundle@sha256:70a9b212fab45493ff6f0b4c0fbd9255111d656463843b111f292cbe2c33a055_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-hub-operator-bundle@sha256:3a5201adc62745a4c9a3656653677e77ee941d6aa2e7b2de6d4662c233341ee4_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-recipe-operator-bundle@sha256:7ca2fba8c84300eb2cdefe81694a0ed353c459e7756bf20899458e0e00647ba8_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:28a44bbff9dbf22ca1484307315486be544db85b7f360c14e088b9773962ee7b_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:6cb63f18acb165bd9589b128de594240bb4f7f1a0183fa63c72377747109e916_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:88cd3da421ce5ee14181adf8269b3cd0a3381ee6779389e5c29017a6b2a95615_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/odr-rhel9-operator@sha256:e2ae238f722ac958428aa2940da68411f2f32d50f13cbcfdd69b6f69258ca996_s390x",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-operator-bundle@sha256:e7983abe73794c327473cb3056d298d7804cf5c81309e6e7a097a273ceeabc73_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:57885eca4ccdd9d8aadf44bea1820c9c8657f82ea2f6b86404605306a867c77e_ppc64le",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:74d3b56ef65426ded5c0ed4b555fbacdc656cd45dcdf8981486e2beb00c5e30e_arm64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:7c77a79652c74698069c7c3564f11af4813a1d89598e64756113b9854c547658_amd64",
"Red Hat Openshift Data Foundation 4.2:registry.redhat.io/odf4/rook-ceph-rhel9-operator@sha256:b388ff69995a583fb53ceb606a83d6a532751cee5480ef96d7a330a1a7b20429_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…